Nullsoft Winamp M3U Playlist Buffer Overflow Vulnerability

The M3U Playlist file parser in NullSoft Winamp does not perform proper bounds checking with the extension "#EXTINF:". Therefore, entering a string consisting of over 280 characters in conjunction with this parameter will cause a buffer overflow condition which will either crash the application or allow for arbitrary code to be executed, depending on the data entered.


 

Privacy Statement
Copyright 2010, SecurityFocus