Intrusion Prevention

CAF.File.DESC.Chunk.Integer.Overflow

Description

This indicates an attack attempt against a integer overflow vulnerability in Nullsoft Winamp.
The vulnerability is caused by an error when the CAF file parsing component handles a specially crafted CAF (Core Audio Format) file. It allows a remote attacker to execute arbitrary code.

Affected Products

Nullsoft Winamp version 5.55 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to Nullsoft Winamp version 5.551:
http://forums.winamp.com/showthread.php?threadid=303193

CVE References

CVE-2009-0186