Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Winamp | Nullsoft | 5.35 (including) | 5.35 (including) |
References
- http://morph3us.org/advisories/20070730-winamp-5.35.txt
- http://securityreason.com/securityalert/3040
- http://www.securityfocus.com/archive/1/475161/100/200/threaded
- http://www.securityfocus.com/archive/1/475183/100/200/threaded
- http://www.securityfocus.com/archive/1/475260/100/200/threaded
- http://www.securityfocus.com/archive/1/475489/100/200/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15504
- http://morph3us.org/advisories/20070730-winamp-5.35.txt
- http://securityreason.com/securityalert/3040
- http://www.securityfocus.com/archive/1/475161/100/200/threaded
- http://www.securityfocus.com/archive/1/475183/100/200/threaded
- http://www.securityfocus.com/archive/1/475260/100/200/threaded
- http://www.securityfocus.com/archive/1/475489/100/200/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15504