CVE-2005-3188

Name of the Vulnerable Software and Affected Versions Nullsoft Winamp version 5.094

Description The issue is related to a buffer overflow that allows remote attackers to execute arbitrary code. This can be achieved through an m3u file with a long line ending in .wma or a pls file with a long File1 value ending in .wma. The application fails to perform proper bounds checking, resulting in a buffer overflow. This can lead to arbitrary code execution or cause the application to crash, resulting in a loss of integrity and/or availability.

Recommendations For Nullsoft Winamp version 5.094, consider avoiding the use of .m3u and .pls files with long lines or values ending in .wma until a patch is available. As a temporary workaround, restrict the handling of files with .wma extensions to minimize the risk of exploitation.