N/A

Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and earlier (1) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an (a) long username or a (b) crafted packet to the FindBasicAuth function in security.cpp, related to the /browse URI; and allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long path string in the (2) Browse, (3) CControl::Download, and (4) CControl::Load functions, related to the file parameter in the /dl URI. NOTE: some of these details are obtained from third party information.

N/A

N/A

Winamp Web Interface 在多个缓冲区溢出漏洞

Winamp Web Interface (Wawi) 7.5.13及更早版本存在多个缓冲区溢出，(1)远程攻击者可以通过(a)长用户名，或传给在security.cpp内的FindBasicAuth函数的(b)特制的包，来发起拒绝服务攻击(应用系统崩溃)并可能执行任意代码，和/browse URI有关；远程认证用户可以通过在(2)Browse，(3)CControl::Download和(4)CControl::Load函数中的长路径字符串来发起拒绝服务攻击(应用程序崩溃)并可能执行任意代码，和/dl

N/A

N/A