Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1119

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1119
Last Modified 05 Sep 2008 04:40:26
Published 10 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1119

Summary

Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.

Vulnerable Systems

Application

  • Nullsoft Winamp 5.01

  • Nullsoft Winamp 5.02

  • Nullsoft Winamp 5.03

  • Nullsoft Winamp 5.04

  • Nullsoft Winamp 5.05

  • Nullsoft Winamp 5.06


References

CERT-VN - VU#986504

BID - 11730

XF - winamp-incddadll-bo(18197)

MISC - http://www.security-assessment.com/Papers/Winamp_IN_CDDA_Buffer_Overflow.pdf

SECUNIA - 13269

BUGTRAQ - 20041123 Winamp - Buffer Overflow In IN_CDDA.dll

BUGTRAQ - 20041126 Re: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched

NTBUGTRAQ - 20041124 Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched]


Last Updated: 27 May 2016 10:38:54