E-Mail:

Winamp Buffer Overflow Vulnerability

Monday, July 18th, 2005
by Marc Erickson

Secunia Advisory: SA16077

Leon Juranic has reported a vulnerability in Winamp 5.x, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a boundary error in the handling of ID3v2 tags and can be exploited to cause a buffer overflow via e.g. a MP3 file containing an overly long string in the “Artist” field.

Successful exploitation allows execution of arbitrary code, but requires some user interaction (e.g. that the user adds a malicious MP3 file to a playlist and then plays the file).

The vulnerability has been reported in versions 5.03a, 5.09, and 5.091. Other versions may also be affected.

Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Solution: The vendor will reportedly issue a fixed version soon.

[Continue reading Secunia Advisory: SA16077]

Tags
Categories

What Do You Think?

 

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense your hard-earned information back to the community, get involved in our community site today! You can write about anything - no matter the topic. Exceptional candidates will be offered the chance to contribute to (and generate revenue from) the main Lockergnome site. Join us today!

Favorite - Nov 21, 2008

Anyvite

Event - Nov 21, 2008

Today In History: Who Shot J.R.?

Diana's Tips - Nov 19, 2008

Add Tags In Word 2007

Gnewbie Gnook - Nov 18, 2008

How Can I Scan To PDF?

71 queries / 0.189 seconds.