Nullsoft Winamp 3 Skin File Buffer Overflow Vulnerability

Nullsoft Winamp is a skinable media player for Microsoft Windows supporting MP3 and other filetypes. Winamp 3 skin files use a .wal extension by default.

The system that handles Winamp skin files contains an unchecked buffer that could allow code execution. By supplying an exceptionally long string for the <include file=""/> tag within the XML configuration files, it is possible to overflow the buffer and execute code in the security context of the user running Winamp.


Privacy Statement
Copyright 2010, SecurityFocus