Winamp Ultravox Streaming Metadata Parsing Buffer Overflow Vulnerabilities
Multiple vulnerabilities have been identified in Winamp, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. These issues are caused by buffer overflow errors in "in_mp3.dll" when constructing stream titles while parsing Ultravox streaming metadata, which could be exploited by remote attackers to execute arbitrary code via overly long "<artist>" and "<name>" tag values in the <metadata> section.
- Denial of Service
System / Technologies affected
- Winamp version 5.51 and prior
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to Winamp version 5.52 :
- No CVE information is available