CVE-2005-2310

Name of the Vulnerable Software and Affected Versions: Winamp versions 5.03a through 5.091 Winamp versions prior to 5.094

Description: The issue allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag, such as ARTIST or TITLE. This occurs due to the application's failure to perform proper bounds checking, resulting in a buffer overflow. A remote attacker can cause arbitrary code execution with a specially crafted MP3 file, leading to a loss of integrity.

Recommendations: For Winamp versions 5.03a through 5.091, update to version 5.094 or later. For Winamp versions prior to 5.094, update to version 5.094 or later. As a temporary workaround, consider avoiding the use of MP3 files with long ID3v2 tags until a patch is available.