View Single Post
Old 10th September 2003, 02:58   #1
Senior Member
shins's Avatar
Join Date: Feb 2003
Posts: 157
[EXPLOIT] Winamp 2.91 Allows Code Execution Through MIDI Files

Winamp 2.91 uses a default plugin called IN_MIDI.DLL used to play MIDI files.

The versions prior and equal to the 3.01 of this plugin let an
attacker execute code on a victim's machine, simply setting the "Track data size" value of a MIDI file to 0xffffffff.

A funny anecdote about the bug I have found is that I found it almost 9 months ago (beginning of January 2003) but I thought it was nothing of interesting and I forgot it on my hard-disk for a lot of time...
Taken from Security Corporation

Does IN_MIDI.DLL 3.03 have the same vulnerability? I wouldn't know. Don't feel like running any infected MIDIs with it either, heh.
shins is offline   Reply With Quote