Winamp Computer Name Handling Buffer Overflow Vulnerability

Monday, January 30th, 2006
by Lockergnome

ATmaCA has discovered a vulnerability in Winamp that can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a boundary error during the handling of filenames including a computer name. This can be exploited to cause a buffer overflow via a specially crafted playlist containing a filename starting with an overly long computer name (about 1040 bytes).

Successful exploitation allows execution of arbitrary code on a user’s system when e.g. a malicious website is visited.

The vulnerability has been confirmed in version 5.12. Other versions may also be affected.

NOTE: An exploit is publicly available.

Solution: Use another product.

[Continue reading Secunia Advisory SA18649]

Tags: security, vulnerability, remote, buffer overflow, arbitrary code

Tags

Categories

Security

What Do You Think?

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense hard-earned information back to the community, stake a claim on your very own Lockergnome blog today! You can write about anything - no matter the topic. Sign-up to start blogging!

Download, Freeware - Sep 5, 2008

ThunderBrowse v3.2.1.9

Word Can Remember The Shape You Are Drawing
Friday, September 5, 2008
Convert A Table To Text In Word 2007
Friday, September 5, 2008
Righteous Kill
Thursday, September 4, 2008
Stellarium v0.9.1
Thursday, September 4, 2008
Turn Off Scroll Bars In Word
Thursday, September 4, 2008

Diana's Tips - Sep 4, 2008

Easily Manage Security Settings In Vista

Circuit City Laptop Sale (Through September 6th, 2008)
Thursday, September 4, 2008
Tranquility v1.5.136
Wednesday, September 3, 2008
Insert Editing Time Into Your Word 2002 Document
Wednesday, September 3, 2008
Disable User Account Control In Vista Using The Registry
Wednesday, September 3, 2008
Circuit City GPS Sale (Through September 6th, 2008)
Wednesday, September 3, 2008

Download, Freeware - Sep 1, 2008

BitMeter v3.5.7

Update Automatic Links In Word 2002
Monday, September 1, 2008
Save A Web Page In Vista
Monday, September 1, 2008
Circuit City PC Games Sale (Through September 6th, 2008)
Monday, September 1, 2008
Reducing Web Printing Waste
Friday, August 29, 2008
Print A List Of Shortcut Keys In Word
Friday, August 29, 2008

Diana's Tips - Aug 29, 2008

Control User Account Control Through The Local Computer Policy

Get A New Car For 90% Off Retail @ Car-Auction.com
Friday, August 29, 2008
Create And Improve Your Videos With These Downloads
Friday, August 29, 2008
Caps Lock Solution
Thursday, August 28, 2008
Use A Keyboard Shortcut Instead Of The Format Painter In Word 2007
Thursday, August 28, 2008
Using Advanced Privacy Settings In Internet Explorer 7
Thursday, August 28, 2008

Archives

Categories

What else is new in Windows Fanatics?

Righteous Kill

Thursday, September 4th | No Comments

Stellarium v0.9.1

Thursday, September 4th | No Comments

Turn Off Scroll Bars In Word

Thursday, September 4th | No Comments

Easily Manage Security Settings In Vista

Thursday, September 4th | No Comments

Circuit City Laptop Sale (Through September 6th, 2008)

Thursday, September 4th | No Comments

Random Posts From the Archives

ThunderBrowse v3.2.1.9

Friday, September 5th | No Comments

Word Can Remember The Shape You Are Drawing

Friday, September 5th | No Comments

Convert A Table To Text In Word 2007

Friday, September 5th | No Comments

Righteous Kill

Thursday, September 4th | No Comments

Stellarium v0.9.1

Thursday, September 4th | No Comments

70 queries / 0.694 seconds.