Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:588E10E559B958E1C576B433808B6A30
HistoryMar 10, 2009 - 12:00 a.m.

Winamp skin file MAKI script buffer overflow

2009-03-1000:00:00
SAINT Corporation
download.saintcorporation.com
7
JSON

Added: 03/10/2009
BID: 34009

Background

Winamp is a media player for Windows.

Problem

A buffer overflow in Winamp allows command execution when a user opens a skin file containing a compiled MAKI script with a specially crafted string having an incorrect length field.

Resolution

Upgrade to Winamp version 5.55 or higher.

References

<http://milw0rm.com/exploits/8158&gt;

Limitations

Exploit works on Winamp 5.541.

Execution of this exploit requires the Digest::CRC PERL module. On Linux systems this is typically found in a package named such as libdigest-crc-perl or perl-Digest-CRC.

Platforms

Windows

JSON