CVE-2008-0065

Name of the Vulnerable Software and Affected Versions Winamp versions 5.21, 5.5, 5.51

Description The issue is related to multiple stack-based buffer overflows in the in mp3.dll component, which can be exploited by remote attackers to execute arbitrary code. This can be achieved by providing a long artist or name tag in Ultravox streaming metadata, specifically during the construction of stream titles.

Recommendations For Winamp version 5.21, update to a version that addresses the buffer overflow issue in in mp3.dll. For Winamp version 5.5, update to a version that addresses the buffer overflow issue in in mp3.dll. For Winamp version 5.51, update to a version that addresses the buffer overflow issue in in mp3.dll.