CVE-2004-1150

Name of the Vulnerable Software and Affected Versions: Winamp versions 5.0 through 5.08c

Description: The issue is related to a stack-based buffer overflow in the in cdda.dll plugin. This allows attackers to execute arbitrary code via a cda:// URL with a long device name or sound track number. The attack can be demonstrated using a .m3u or .pls playlist file.

Recommendations: For Winamp versions 5.0 through 5.08c, consider disabling the in cdda.dll plugin as a temporary workaround until a patch is available. Restrict access to cda:// URLs to minimize the risk of exploitation. Avoid using long device names or sound track numbers in cda:// URLs until the issue is resolved.