Winamp Multiple Integer Overflow Vulnerabilities
BID:51015
Info
Winamp Multiple Integer Overflow Vulnerabilities
| Bugtraq ID: | 51015 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2011-3834 CVE-2011-4857 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 12 2011 12:00AM |
| Updated: | Jan 27 2012 04:30PM |
| Credit: | Dmitriy Pletnev and Hossein Lotfi of Secunia Research. |
| Vulnerable: |
NullSoft Winamp 5.6.1 NullSoft Winamp 5.3.2 NullSoft Winamp 5.0 91 NullSoft Winamp 5.0 9 NullSoft Winamp 5.0 8c NullSoft Winamp 5.0 8 NullSoft Winamp 5.0 7 NullSoft Winamp 5.0 6 NullSoft Winamp 5.0 5 NullSoft Winamp 5.0 4 NullSoft Winamp 5.0 3a NullSoft Winamp 5.0 3 NullSoft Winamp 5.0 2 NullSoft Winamp 5.0 1 NullSoft Winamp 5.622 NullSoft Winamp 5.621 NullSoft Winamp 5.61 NullSoft Winamp 5.601 NullSoft Winamp 5.6 NullSoft Winamp 5.56 NullSoft Winamp 5.552 NullSoft Winamp 5.55 NullSoft Winamp 5.541 NullSoft Winamp 5.54 NullSoft Winamp 5.52 NullSoft Winamp 5.51 NullSoft Winamp 5.5 NullSoft Winamp 5.35 NullSoft Winamp 5.34a NullSoft Winamp 5.34 NullSoft Winamp 5.33 NullSoft Winamp 5.31 NullSoft Winamp 5.3 NullSoft Winamp 5.24 NullSoft Winamp 5.22 NullSoft Winamp 5.21 NullSoft Winamp 5.2 NullSoft Winamp 5.13 NullSoft Winamp 5.12 NullSoft Winamp 5.11 NullSoft Winamp 5.094 |
| Not Vulnerable: |
NullSoft Winamp 5.623 |
Discussion
Winamp Multiple Integer Overflow Vulnerabilities
Winamp is prone to multiple integer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input.
Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Winamp is prone to multiple integer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input.
Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Exploit / POC
Winamp Multiple Integer Overflow Vulnerabilities
A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.
A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.
Solution / Fix
Winamp Multiple Integer Overflow Vulnerabilities
Solution:
Vendor updates are available. Please see the references for details.
Solution:
Vendor updates are available. Please see the references for details.
References
Winamp Multiple Integer Overflow Vulnerabilities
References:
References:
- Winamp 5.623 Released (Nullsoft)
- Winamp Homepage (Nullsoft)
- Secunia Research: Winamp AVI Parsing Two Integer Overflow Vulnerabilities (Secunia Research