Vulnerabilities > CVE-2006-6547 - Remote Denial-of-Service vulnerability in Winamp iPod Plugin Audio Book File Handling
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
mlipod
Summary
Buffer overflow in the readAA function in read_aa.cpp in Winamp iPod Plugin (ml_ipod) 2.00 p19 and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long tag in an audible.com audiobook (aa) file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- http://aluigi.altervista.org/adv/mlipodbof-adv.txt
- http://mlipod.cvs.sourceforge.net/mlipod/ml_ipod/read_aa.cpp
- http://mlipod.cvs.sourceforge.net/mlipod/ml_ipod/read_aa.cpp?r1=1.3.6.1&r2=1.3.6.2
- http://secunia.com/advisories/23354
- http://www.osvdb.org/32266
- http://www.securityfocus.com/bid/21569
- http://www.vupen.com/english/advisories/2006/4986
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30866