Short Name |
APP:WINAMP:CDA-DEV-NAME-OF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
WinAmp CDA Device Name Overflow |
Release Date |
2005/02/15 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects malformed CDA URIs within an HTTP stream. Attackers can create a malicious play list that, when selected by a user, overflows a buffer allocated by WinAmp and enables an attacker to take control of the user's system.
A remote buffer overflow vulnerability affects the IN_CDDA.dll library of Nullsoft's Winamp. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers. It should be noted that this issue is not related to the issue outlined in BID 11730 (Nullsoft Winamp IN_CDDA.dll Remote Buffer Overflow Vulnerability). This issue will facilitate remote exploitation as an attacker may distribute malicious play-list files and entice unsuspecting users to process them with the affected application. It should be noted that this issue was originally reported in BID 12245 (Nullsoft Winamp Multiple Unspecified Vulnerabilities). It has been assigned a new BID due to the release of more information. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.