Winamp RIFF INFO Chunk Size Memory Allocation AVI File Handling Remote Overflow

  Severity: CRITICAL
  CVE Identifier: CVE-2011-3834
  Advisory Date: JUL 21, 2015

  DESCRIPTION

Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.

  TREND MICRO PROTECTION INFORMATION

Apply the associated Trend Micro DPI rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004889
  Trend Micro Deep Security DPI Rule Name: 1004889 - Winamp RIFF INFO Record Heap Buffer Overflow Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • nullsoft winamp 0.20a
  • nullsoft winamp 0.92
  • nullsoft winamp 1.006
  • nullsoft winamp 1.90
  • nullsoft winamp 2.0
  • nullsoft winamp 2.10
  • nullsoft winamp 2.6
  • nullsoft winamp 2.9
  • nullsoft winamp 2.91
  • nullsoft winamp 2.92
  • nullsoft winamp 2.95
  • nullsoft winamp 5.0
  • nullsoft winamp 5.01
  • nullsoft winamp 5.02
  • nullsoft winamp 5.03
  • nullsoft winamp 5.04
  • nullsoft winamp 5.05
  • nullsoft winamp 5.06
  • nullsoft winamp 5.07
  • nullsoft winamp 5.08c
  • nullsoft winamp 5.08d
  • nullsoft winamp 5.08e
  • nullsoft winamp 5.09
  • nullsoft winamp 5.091
  • nullsoft winamp 5.093
  • nullsoft winamp 5.094
  • nullsoft winamp 5.1
  • nullsoft winamp 5.11
  • nullsoft winamp 5.111
  • nullsoft winamp 5.112
  • nullsoft winamp 5.12
  • nullsoft winamp 5.13
  • nullsoft winamp 5.2
  • nullsoft winamp 5.21
  • nullsoft winamp 5.22
  • nullsoft winamp 5.23
  • nullsoft winamp 5.24
  • nullsoft winamp 5.3
  • nullsoft winamp 5.31
  • nullsoft winamp 5.32
  • nullsoft winamp 5.33
  • nullsoft winamp 5.34
  • nullsoft winamp 5.35
  • nullsoft winamp 5.5
  • nullsoft winamp 5.51
  • nullsoft winamp 5.52
  • nullsoft winamp 5.53
  • nullsoft winamp 5.531
  • nullsoft winamp 5.54
  • nullsoft winamp 5.541
  • nullsoft winamp 5.55
  • nullsoft winamp 5.551
  • nullsoft winamp 5.552
  • nullsoft winamp 5.56
  • nullsoft winamp 5.57
  • nullsoft winamp 5.572
  • nullsoft winamp 5.58
  • nullsoft winamp 5.581
  • nullsoft winamp 5.6
  • nullsoft winamp 5.622