Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 up to and including 5.08c allows malicious users to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nullsoft winamp 5.06 |
||
nullsoft winamp 5.07 |
||
nullsoft winamp 5.0 |
||
nullsoft winamp 5.01 |
||
nullsoft winamp 5.08c |
||
nullsoft winamp 5.04 |
||
nullsoft winamp 5.05 |
||
nullsoft winamp 5.02 |
||
nullsoft winamp 5.03 |