Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Winamp | Nullsoft | 5.07 (including) | 5.07 (including) |
References
- http://forums.winamp.com/showthread.php?s=\u0026threadid=202007
- http://marc.info/?l=bugtraq\u0026m=110297310503541\u0026w=2
- http://marc.info/?l=full-disclosure\u0026m=110303988101973\u0026w=2
- http://securitytracker.com/alerts/2004/Dec/1012525.html
- http://www.kb.cert.org/vuls/id/372968
- http://www.securityfocus.com/bid/11909
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18466
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18467
- http://forums.winamp.com/showthread.php?s=\u0026threadid=202007
- http://marc.info/?l=bugtraq\u0026m=110297310503541\u0026w=2
- http://marc.info/?l=full-disclosure\u0026m=110303988101973\u0026w=2
- http://securitytracker.com/alerts/2004/Dec/1012525.html
- http://www.kb.cert.org/vuls/id/372968
- http://www.securityfocus.com/bid/11909
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18466
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18467