Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NullSoft Winamp B4S文件播playlist字段本地缓冲区溢出漏洞
Vulnerability Description
Nullsoft Winamp是一款支持MP3和其他文件类型的媒体播放器。 Winamp在处理b4s文件的播放列表(playlist)字段没有正确检边界缓冲区长度,本地攻击者可以利用这个漏洞构建恶意b4s文件,诱使其他用户打开,进行缓冲区溢出攻击,可能以执行用户权限在系统上执行任意指令。 Winamp允许用户保存mp3列表为*.b4s文件,类似*.m3u列表文件,但是b4s使用XML方式工作。由于没有对播放列表字段进行正确检查,如果装载b4s文件时包含超长播放列表数据时,Winamp会触发缓冲区溢出,精心
CVSS Information
N/A
Vulnerability Type
N/A