Vulnerability CVE-2006-3228 - CERT Civis.Net

Vulnerability Name:

CVE-2006-3228 (CCN-27219)

Assigned:

2006-06-19

Published:

2006-06-19

Updated:

2017-10-19

Summary:

Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.

CVSS v3 Severity:

9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2006-3228

Source: CONFIRM
Type: Patch
http://forums.winamp.com/showthread.php?threadid=248100

Source: CCN
Type: SA20722
WinAmp MIDI File Handling Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
20722

Source: VIM
Type: UNKNOWN
20060622 Winamp security vagueness

Source: VIM
Type: UNKNOWN
20060622 Winamp security vagueness

Source: CCN
Type: FortiGuard Advisory (FGA-2006-16)
Buffer Overflow Vulnerability on WinAmp

Source: CCN
Type: OSVDB ID: 26727
Winamp in_midi.dll MIDI File Processing Overflow

Source: CCN
Type: BID-18507
Nullsoft Winamp Malformed MIDI File Remote Buffer Overflow Vulnerability

Source: CONFIRM
Type: UNKNOWN
http://www.winamp.com/about/article.php?aid=10694

Source: CCN
Type: Winamp Web site
WINAMP.COM | Player

Source: XF
Type: UNKNOWN
winamp-midi-bo(27219)

Source: EXPLOIT-DB
Type: UNKNOWN
1935

Vulnerable Configuration:

Configuration 1:

cpe:/a:nullsoft:winamp:2.90:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:2.91:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:2.95:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:3.0:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:3.1:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.0:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.0.1:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.0.2:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.01:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.1:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.02:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.2:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.03:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.03a:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.04:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.05:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.06:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.07:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.08c:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.08d:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.08e:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.09:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.11:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.12:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.13:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.21:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:*:*:*:*:*:*:*:* (Version <= 5.23)

OR cpe:/a:nullsoft:winamp:5.091:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.093:*:*:*:*:*:*:*

OR cpe:/a:nullsoft:winamp:5.094:*:*:*:*:*:*:*

Denotes that component is vulnerable