Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Multimedia)  >   Winamp Vendors:   Nullsoft
Winamp Buffer Overflow in Processing '.m3u' File Names May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1015621
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Feb 14 2006
Impact:   Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  
Version(s): 5.13
Description:   A vulnerability was reported in Winamp. A remote user may be able to execute arbitrary code on the target user's system.

A remote user can create a '.m3u' file with a specially crafted file name. When the file is opened by the target user with Winamp, a buffer overflow will be triggered and the Winamp player will crash.

The report did not confirm arbitrary code execution.

Alan McCaig (b0f) reported this vulnerability.

Impact:   A remote user may be able to cause arbitrary code to be executed on the target user's system.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  New winamp m3u/pls .WMA & .M3U Extension overflows

This is an update on.

and also a new overflow with .m3u

This overflow is still present in the latest version of winamp 5.13 with a little bit of modifcation.


like so..
Example m3U file format:


Example pls file format:


add correct amount of A's untill overflow occurs.


This one is simple create a file with a long file name like so AAAA[...]AA.m3u save the file and open it and suprise winamp crashes.


The vendor has not been contacted on these issues due to past unsuccessfull attempts on other issues and both remain vuln in the latest
 version of winamp.

Alan McCaig (b0f)


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC