HighIBM Security Server Protection for Windows, Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Network IDS, RealSecure Server Sensor, RealSecure Network, Proventia Desktop, Proventia Network IPS, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware:
This event indicates MIDI data with a note-on, note-off, or aftertouch event code with a note number outside the valid range of 0 to 127 for MIDI channel 15. (The name uses the term 'channel' to reflect the way the underlying vulnerability in Winamp was originally reported, but it might be more appropriately named MIDI_Invalid_Note.
This event indicates MIDI data with a note-on, note-off, or aftertouch event code with a channel outside the valid range of 0 to 127.
High
IBM Security Server Protection for Windows: 2.1.14.2680, Proventia Network MFS: XPU 31.090, Proventia-G 1.1 and earlier: XPU 31.090, Proventia Network IDS: XPU 31.090, RealSecure Server Sensor: XPU 31.090, RealSecure Network: XPU 31.090, Proventia Desktop: 2680, Proventia Network IPS: XPU 31.090, Proventia Server IPS for Linux technology: 31.090, Virtual Server Protection for Vmware: XPU 31.090
NullSoft Winamp: 5.6.1
Unauthorized Access Attempt
ullsoft Winamp is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by in_midi.dll when handling Note On messages. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
No remedy available as of May 1, 2012.
Winamp Web site
Winamp Media Player - MP3, Video, and Music Player - Winamp
http://www.winamp.com/
Luigi Auriemma 27 Jun 2011
Winamp
http://aluigi.altervista.org/adv/winamp_3-adv.txt
ISS X-Force
Nullsoft Winamp Note On buffer overflow
http://www.iss.net/security_center/static/68247.php