| Check Point Reference: |
CPAI-2009-039 |
| Date Published: |
30 Jan 2009 |
| Severity: |
High
|
| Last Updated: |
Thursday 01 January, 2009 |
| Source: |
Secunia Advisory: SA33478 |
| Industry Reference: | N/A |
| Protection Provided by: |
|
| Who is Vulnerable? | NullSoft WinAmp 5.541 and prior versions |
| Vulnerability Description |
A vulnerability was reported in Nullsoft Winamp. Nullsoft Winamp is a multimedia player application that is capable of playing many formats of audio and video files, including CD tracks, MP3 music files or MPEG video files as well as numerous other formats. The vulnerability is due to improper handling of media files (.aiff). A remote attacker can exploit this vulnerability by convincing the user to open a crafted AIFF file, thereby creating a denial of service condition or potentially injecting and executing arbitrary code on the target system. |
| Vulnerability Details | The vulnerability is caused by improper handling of the header of AIFF media files. A remote attacker can exploit this vulnerability by enticing the user to open a crafted AIFF file. Successful exploitation could result in remote code execution. |
Feedback