Winamp RIFF INFO Chunk Size Memory Allocation AVI File Handling Remote Overflow
Severity: CRITICAL
CVE Identifier: CVE-2011-3834
Advisory Date: JUL 21, 2015
DESCRIPTION
Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004889
Trend Micro Deep Security DPI Rule Name: 1004889 - Winamp RIFF INFO Record Heap Buffer Overflow Vulnerability
AFFECTED SOFTWARE AND VERSION
- nullsoft winamp 0.20a
- nullsoft winamp 0.92
- nullsoft winamp 1.006
- nullsoft winamp 1.90
- nullsoft winamp 2.0
- nullsoft winamp 2.10
- nullsoft winamp 2.6
- nullsoft winamp 2.9
- nullsoft winamp 2.91
- nullsoft winamp 2.92
- nullsoft winamp 2.95
- nullsoft winamp 5.0
- nullsoft winamp 5.01
- nullsoft winamp 5.02
- nullsoft winamp 5.03
- nullsoft winamp 5.04
- nullsoft winamp 5.05
- nullsoft winamp 5.06
- nullsoft winamp 5.07
- nullsoft winamp 5.08c
- nullsoft winamp 5.08d
- nullsoft winamp 5.08e
- nullsoft winamp 5.09
- nullsoft winamp 5.091
- nullsoft winamp 5.093
- nullsoft winamp 5.094
- nullsoft winamp 5.1
- nullsoft winamp 5.11
- nullsoft winamp 5.111
- nullsoft winamp 5.112
- nullsoft winamp 5.12
- nullsoft winamp 5.13
- nullsoft winamp 5.2
- nullsoft winamp 5.21
- nullsoft winamp 5.22
- nullsoft winamp 5.23
- nullsoft winamp 5.24
- nullsoft winamp 5.3
- nullsoft winamp 5.31
- nullsoft winamp 5.32
- nullsoft winamp 5.33
- nullsoft winamp 5.34
- nullsoft winamp 5.35
- nullsoft winamp 5.5
- nullsoft winamp 5.51
- nullsoft winamp 5.52
- nullsoft winamp 5.53
- nullsoft winamp 5.531
- nullsoft winamp 5.54
- nullsoft winamp 5.541
- nullsoft winamp 5.55
- nullsoft winamp 5.551
- nullsoft winamp 5.552
- nullsoft winamp 5.56
- nullsoft winamp 5.57
- nullsoft winamp 5.572
- nullsoft winamp 5.58
- nullsoft winamp 5.581
- nullsoft winamp 5.6
- nullsoft winamp 5.622
Featured Stories
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more