CVE-2005-2310

Winamp < 5.093 - Buffer Overflow via Long ID3v2 Tag

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-2310. PoCs published by Leon Juranic.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in Winamp's ID3v2 functionality, which can be exploited via malicious MP3 files to achieve remote code execution. The writeup references a binary exploit (25989.mp3) but does not include actual exploit code.

Description

Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Leon Juranic · textremotewindows

https://www.exploit-db.com/exploits/25989

View Code ZIP pw:eip

The provided text describes a buffer overflow vulnerability in Winamp's ID3v2 functionality, which can be exploited via malicious MP3 files to achieve remote code execution. The writeup references a binary exploit (25989.mp3) but does not include actual exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Winamp versions 5.03a, 5.09, and 5.091

No auth needed

Prerequisites: Victim must open a malicious MP3 file in Winamp

MITRE ATT&CK