Lucene search
SAINT CorporationSAINT:23BD60E2EA920985F1D39473D7170025HistoryFeb 04, 2008 - 12:00 a.m.
Winamp Ultravox streaming metadata artist tag buffer overflow
2008-02-0400:00:00
SAINT Corporation
www.saintcorporation.com
9
0.75 High
EPSS
Percentile
98.2%
Added: 02/04/2008
CVE: CVE-2008-0065
BID: 27344
OSVDB: 41707
Background
Winamp is a media player for Windows.
Problem
A buffer overflow vulnerability in the **in_mp3.dll** library when parsing Ultravox streaming metadata allows command execution when a user opens a stream containing a long, specially crafted **<artist>** tag value.
Resolution
Upgrade to Winamp 5.52 or higher.
References
<http://secunia.com/secunia_research/2008-2/advisory/>
Limitations
Exploit works on Winamp 5.21 and requires a user to open the exploit stream in Winamp.
Platforms
Windows
Related
saint
saint
Winamp Ultravox streaming metadata artist tag buffer overflow
2008-02-04 00:00:00
Winamp Ultravox streaming metadata artist tag buffer overflow
2008-02-04 00:00:00
Winamp Ultravox streaming metadata artist tag buffer overflow
2008-02-04 00:00:00
prion
prion
Stack overflow
2008-01-22 20:00:00
cvelist
cvelist
CVE-2008-0065
2008-01-22 19:00:00
nvd
nvd
CVE-2008-0065
2008-01-22 20:00:00
nessus
nessus
Winamp < 5.52 Ultravox Streaming Metadata in_mp3.dll Multiple Tag Overflow
2008-01-18 00:00:00
seebug
seebug
Winamp Ultravox流元数据多个栈溢出漏洞
2008-01-21 00:00:00
cve
cve
CVE-2008-0065
2008-01-22 20:00:00
packetstorm
packetstorm
Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow
2009-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories