Intrusion Prevention

Nullsoft.Winamp.Ultravox.Heap.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in Nullsoft Winamp player.
The vulnerability is caused by an error that occurs when the vulnerable software handles crafted Ultravox protocol responses. It allows a remote attacker to execute arbitrary code via crafted Ultravox protocol responses.

Affected Products

AOL Winamp versions 2.666 through 5.3

Impact

System compromise: remote code execution.

Recommended Actions

Upgrade to AOL Winamp version 5.31 :
http://www.winamp.com/player/

CVE References

CVE-2006-5567

Other References