Test ID:	1.3.6.1.4.1.25623.1.0.15817
Category:	Windows
Title:	Nullsoft Winamp IN_CDDA.dll Remote Buffer Overflow Vulnerability
Summary:	NOSUMMARY
Description:	Description: The remote host is using WinAMP5, a popular media player which handles many files format (mp3, wavs and more...) This version has a buffer overflow which may allow an attacker to execute arbitrary code on this host, with the rights of the user running WinAMP. To perform an attack, the attack would have to send a malformed playlist (.m3u) to the user of this host who would then have to load it by double clicking on it. Solution : Uninstall this software or upgrade to version 5.07 Risk factor : High
Cross-Ref:	BugTraq ID: 11730 Common Vulnerability Exposure (CVE) ID: CVE-2004-1119 http://www.securityfocus.com/bid/11730 Bugtraq: 20041123 Winamp - Buffer Overflow In IN_CDDA.dll (Google Search) http://marc.info/?l=bugtraq&m=110123330404482&w=2 Bugtraq: 20041124 Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched] (Google Search) http://marc.info/?l=bugtraq&m=110146036300803&w=2 Bugtraq: 20041126 Re: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-11/0369.html CERT/CC vulnerability note: VU#986504 http://www.kb.cert.org/vuls/id/986504 http://www.security-assessment.com/Papers/Winamp_IN_CDDA_Buffer_Overflow.pdf http://marc.info/?l=ntbugtraq&m=110126352412395&w=2 http://marc.info/?l=ntbugtraq&m=110135574326217&w=2 http://secunia.com/advisories/13269/ XForce ISS Database: winamp-incddadll-bo(18197) https://exchange.xforce.ibmcloud.com/vulnerabilities/18197
Copyright	This script is Copyright (C) 2004 Tenable Network Security

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.