Critical Buffer Overflow in AOL Nullsoft Winamp
A hacker using the codename Marsu Pilami has found a critical buffer overflow in the popular multimedia player AOL Nullsoft Winamp. The hole is in Winamp's libmp4v2.dll module. Further details are not currently available, but apparently opening a malformed MP4 file can cause a buffer overflow in the module that allows a remote attacker to run arbitrary code on the user's machine.
According to comments in the code, the published proof of concept works only unreliably, and Marsu confirmed to heise Security that this is a very targeted exploit, as different versions of Winamp require differently crafted MP4 files for the shellcode to be executed. Files incorrectly crafted for a given version are more likely to result in a crash of the program. According to him, at least Winamp versions 5.34 and 5.33 are vulnerable. As no updates are available yet, users should take particular care when accepting MP4 files from untrusted sources such as email or instant messaging networks.
- Winamp 5.34 .MP4 File Code Execution, Proof of Concept