In association with heise online

01 May 2007, 15:37

Critical Buffer Overflow in AOL Nullsoft Winamp

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The hacker with the codename Marsu Pilami has found a critical buffer overflow in the popular multimedia player AOL Nullsoft Winamp. The hole is in the libmp4v2.dll module of Winamp. Further details are not currently available, but apparently opening a malformed MP4 file can cause a buffer overflow in the module that allows a remote attacker to run arbitrary code on the user's machine.

According to comments in the code, the published proof of concept works only unreliably and Marsu confirmed to heise Security, that this is a very targeted exploit as different versions of Winamp require differently crafted MP4 files for the shellcode to be executed. Files incorrectly crafted for a given version are more likely to result in a crash of the program. According to him at least Winamp versions 5.34 and 5.33 are vulnerable. As there are no updates yet available users should take particular care when accepting MP4 files from untrusted sources like email or in Instant Messaging networks.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit