R
Richard
- Buffer overflow in Winamp -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
A vulnerability has been detected in version 5.05 and earlier of Winamp,
which could be used to compromise affected computers, according to Secunia.
The problem lies in a boundary error in the IN_CDDA.dll library. An attacker
could exploit this vulnerability to cause a buffer overflow in several ways,
such as tricking the user into visiting a malicious website containing a
specially-crafted m3u playlist. A successful exploit could allow the
attacker to run arbitrary code.
All users whose systems could be affected by this vulnerability are advised
to install Winamp version 5.0.6, which is available at:
http://www.winamp.com/player/
NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
A vulnerability has been detected in version 5.05 and earlier of Winamp,
which could be used to compromise affected computers, according to Secunia.
The problem lies in a boundary error in the IN_CDDA.dll library. An attacker
could exploit this vulnerability to cause a buffer overflow in several ways,
such as tricking the user into visiting a malicious website containing a
specially-crafted m3u playlist. A successful exploit could allow the
attacker to run arbitrary code.
All users whose systems could be affected by this vulnerability are advised
to install Winamp version 5.0.6, which is available at:
http://www.winamp.com/player/
NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.