PT-2009-2931 · Nullsoft · Winamp

Securfrog · Published 2009-01-23 · Updated 2017-10-19 · CVE-2009-0263

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Winamp versions 5.541 and earlier

Description

The issue is caused by a boundary error in the processing of AIFF files, leading to a heap-based buffer overflow. This can be exploited via a large Common Chunk (COMM) header value in an AIFF file or a large invalid value in an MP3 file, potentially allowing remote attackers to cause a denial of service and possibly execute arbitrary code.

Recommendations

For Winamp versions 5.541 and earlier, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, restrict the processing of AIFF and MP3 files to minimize the risk of a heap-based buffer overflow. Avoid using the COMM header value in AIFF files and invalid values in MP3 files until the issue is resolved.
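As an added example (not Winamp code and not part of the original advisory), the sketch below shows the defensive pattern for this bug class: a parser that walks AIFF chunk headers and rejects any declared size that exceeds the bytes actually present, before anything is allocated or copied. The advisory does not say which COMM field is involved, so the function name aiff_check, the status codes and the sample bytes are assumptions made here; the 18-byte COMM body length comes from the AIFF format itself, and the MP3 path is not covered.

```c
/* Added example, not Winamp code: walk AIFF chunk headers, trusting no size field. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum aiff_status { AIFF_OK, AIFF_NOT_AIFF, AIFF_TRUNCATED, AIFF_BAD_CHUNK_SIZE, AIFF_BAD_COMM };
#define COMM_SIZE 18u /* AIFF COMM body: 2 + 4 + 2 + 10 bytes */

static uint32_t be32(const uint8_t *p) { /* AIFF integers are big-endian */
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Hypothetical helper: every declared size is compared with the bytes that remain. */
enum aiff_status aiff_check(const uint8_t *buf, size_t len) {
    if (len < 12 || memcmp(buf, "FORM", 4) != 0 || memcmp(buf + 8, "AIFF", 4) != 0)
        return AIFF_NOT_AIFF;
    uint32_t form_size = be32(buf + 4);
    if (form_size < 4 || form_size > len - 8) return AIFF_TRUNCATED;
    size_t end = 8 + (size_t)form_size, off = 12;
    int seen_comm = 0;
    while (off < end) {
        if (end - off < 8) return AIFF_TRUNCATED;        /* no room for a chunk header */
        uint32_t ck_size = be32(buf + off + 4);
        size_t avail = end - off - 8;
        if (ck_size > avail) return AIFF_BAD_CHUNK_SIZE; /* size field exceeds the data */
        if (memcmp(buf + off, "COMM", 4) == 0) {
            /* Exactly one COMM chunk, with the fixed body length. */
            if (seen_comm || ck_size != COMM_SIZE) return AIFF_BAD_COMM;
            seen_comm = 1;
        }
        size_t padded = (size_t)ck_size + (ck_size & 1u); /* chunks are even-aligned */
        off += 8 + (padded > avail ? avail : padded);     /* tolerate a missing final pad */
    }
    return seen_comm ? AIFF_OK : AIFF_BAD_COMM;           /* a missing COMM is also rejected */
}

/* Constructed sample: FORM/AIFF container holding only a well-formed COMM chunk. */
static const uint8_t sample_ok[38] = {
    'F','O','R','M', 0,0,0,30, 'A','I','F','F',
    'C','O','M','M', 0,0,0,18,
    0,1, 0,0,0,0, 0,16, 0x40,0x0E,0xAC,0x44,0,0,0,0,0,0 };

int main(void) {
    uint8_t bad[sizeof sample_ok];
    memcpy(bad, sample_ok, sizeof bad);
    memset(bad + 16, 0xFF, 4); /* constructed: COMM size field set far past end of file */
    printf("valid: %d, oversized COMM: %d\n",
           (int)aiff_check(sample_ok, sizeof sample_ok), (int)aiff_check(bad, sizeof bad));
    return 0;
}
```

A check of this kind can run as a pre-screen in front of a media library or mail gateway while affected players are still deployed; it does not replace the update.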

Exploit

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2009-0263

Affected Products

Winamp