=====================================================================
CERT-Renater Information Note No. 2006/VULN047
_____________________________________________________________________

DATE                  : 02/02/2006
HARDWARE PLATFORM(S)  : /
OPERATING SYSTEM(S)   : Systems running Winamp.

======================================================================

                    National Cyber Alert System
             Technical Cyber Security Alert TA06-032A

Winamp Playlist Buffer Overflow

   Original release date: February 1, 2006
   Last revised: --
   Source: US-CERT

Systems Affected

     * Microsoft Windows systems with Winamp 5.12 or earlier

Overview

   America Online has released Winamp 5.13 to correct a buffer overflow
   vulnerability. Exploitation of this vulnerability could allow a remote
   attacker to execute arbitrary code with the privileges of the user.

I. Description

   Winamp is a media player that is commonly used to play MP3 files.
   Winamp 5.13 resolves a buffer overflow vulnerability in how playlist
   files are handled. Details are available in the following
   Vulnerability Note:

   VU#604745 - Winamp fails to properly handle playlists with long
   computer names

   Winamp contains a buffer overflow vulnerability when processing a
   playlist that specifies a long computer name. This may allow a remote
   unauthenticated attacker to execute arbitrary code on a vulnerable
   system.

II. Impact

   By convincing a user to open a specially crafted playlist file, a
   remote unauthenticated attacker may be able to execute arbitrary code
   with the privileges of the user. Winamp may open a playlist file
   without any user interaction as the result of viewing a web page or
   other HTML document.

III. Solution

Upgrade

   Upgrade to Winamp 5.13.

Appendix A.
References

     * US-CERT Vulnerability Note VU#604745 -
     * CVE-2006-0476 -
     * National Vulnerability Database (CVE-2006-0476) -
     * WINAMP.COM | Player | Version History -
     * WINAMP.COM | Player -

 ____________________________________________________________________

   The most recent version of this document can be found at:

 ____________________________________________________________________

   Feedback can be directed to US-CERT Technical Staff. Please send
   email to  with "TA06-032A Feedback VU#604745" in the subject.
 ____________________________________________________________________

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit .
 ____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:
 ____________________________________________________________________

Revision History

   Feb 1, 2006: Initial release

======================================================================

=========================================================
CERT-Renater reference servers
http://www.urec.fr/securite
http://www.cru.fr/securite
http://www.renater.fr
=========================================================
+ CERT-RENATER            | tel : 01-53-94-20-44      +
+ 151 bd de l'Hopital     | fax : 01-53-94-20-41      +
+ 75013 Paris             | email: certsvp@renater.fr +
=========================================================
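The Description section above names the flaw class (a playlist entry carrying a computer name longer than the buffer that receives it) but, as an advisory, shows no code. The following is an added illustration written for this note from a defensive angle; it is not Winamp's code and not from US-CERT or CERT-Renater. It assumes a UNC-style playlist entry of the form \\computer\share\file, a 15-character cap on the computer name (the NetBIOS limit) and a 260-character cap on the whole line (Windows MAX_PATH); the function names parse_entry and rejected_entries, the entry_status values and the sample playlist are all constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative limits (assumptions for this example, not Winamp's internals):
 * 15 is the NetBIOS computer-name limit, 260 is the Windows MAX_PATH value. */
#define MAX_HOST_LEN 15
#define MAX_PATH_LEN 260

typedef enum {
    ENTRY_OK,             /* entry accepted */
    ENTRY_TOO_LONG,       /* whole line exceeds MAX_PATH_LEN */
    ENTRY_HOST_TOO_LONG,  /* UNC computer name exceeds MAX_HOST_LEN */
    ENTRY_MALFORMED       /* UNC prefix without a computer name or share separator */
} entry_status;

typedef struct {
    char host[MAX_HOST_LEN + 1];  /* empty for local paths */
    char path[MAX_PATH_LEN + 1];  /* \share\file for UNC entries, whole line otherwise */
} playlist_entry;

/* Validate one playlist line. Every copy is preceded by an explicit length
 * check, so an over-long computer name is rejected with a status code instead
 * of being written past the end of host[]. */
entry_status parse_entry(const char *line, playlist_entry *out)
{
    size_t n = strlen(line);
    if (n > MAX_PATH_LEN)
        return ENTRY_TOO_LONG;

    out->host[0] = '\0';
    if (n >= 2 && line[0] == '\\' && line[1] == '\\') {
        /* UNC form: \\computer\share\file */
        const char *host_start = line + 2;
        const char *host_end = strchr(host_start, '\\');
        if (host_end == NULL || host_end == host_start)
            return ENTRY_MALFORMED;
        size_t host_len = (size_t)(host_end - host_start);
        if (host_len > MAX_HOST_LEN)
            return ENTRY_HOST_TOO_LONG;
        memcpy(out->host, host_start, host_len);
        out->host[host_len] = '\0';
        size_t rest = n - (size_t)(host_end - line);
        memcpy(out->path, host_end, rest);
        out->path[rest] = '\0';
    } else {
        /* Local path: length already bounded by the check above */
        memcpy(out->path, line, n);
        out->path[n] = '\0';
    }
    return ENTRY_OK;
}

/* Walk a newline-separated M3U buffer, skip '#' comment lines, and return the
 * number of entries that were rejected (a count worth logging). */
int rejected_entries(const char *playlist)
{
    int rejected = 0;
    const char *p = playlist;
    while (*p != '\0') {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len > 0 && p[0] != '#') {
            if (len > MAX_PATH_LEN) {
                rejected++;               /* never copied anywhere */
            } else {
                char line[MAX_PATH_LEN + 1];
                playlist_entry e;
                memcpy(line, p, len);
                line[len] = '\0';
                if (parse_entry(line, &e) != ENTRY_OK)
                    rejected++;
            }
        }
        p = nl ? nl + 1 : p + len;
    }
    return rejected;
}

/* Constructed sample playlist: two acceptable entries and one whose
 * computer name is 40 characters long and must be refused. */
const char *SAMPLE_PLAYLIST =
    "#EXTM3U\n"
    "\\\\fileserver\\music\\track01.mp3\n"
    "C:\\Music\\track02.mp3\n"
    "\\\\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\share\\track03.mp3\n";

int main(void)
{
    printf("rejected entries: %d\n", rejected_entries(SAMPLE_PLAYLIST));
    return 0;
}
```

The point of the example is the ordering: the length of the computer name is computed and compared against the destination size before any byte is copied, and a failure is reported as a status the caller can log rather than silently truncated. Input validation of this kind limits the blast radius of an untrusted playlist, but it does not replace the fix the advisory gives, which is upgrading to Winamp 5.13.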