CVE-2006-0708 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-0708
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0708

Description: Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24741 http://xforce.iss.net/xforce/xfdb/24740 http://xforce.iss.net/xforce/xfdb/24739 ST 1015621 SREASON http://securityreason.com/securityalert/444 http://securityreason.com/securityalert/492 MISC http://forums.winamp.com/showthread.php?s=&threadid=238648 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/424903/100/0/threaded BID 16623

Return to the previous page.