p2pnet.net News:- Winamp has an extremely critical security hole that could be exploited by hackers to compromise a user’s system., says Secunia.

“The vulnerability is caused by a boundary error in the “IN_CDDA.dll” file. This can be exploited in various ways to cause a stack-based buffer overflow e.g. by tricking a user into visiting a malicious web site containing a specially crafted “.m3u” playlist.

“Successful exploitation allows execution of arbitrary code.”

The vulnerability has been reported in version 5.05 and confirmed in version 5.06, says Secunia, adding that prior versions may also be affected.

How do you fix it?

Disassociate “.cda” and “.m3u” extensions from Winamp, recommends Secunia.

===================

See:-
extremely critical – Winamp “IN_CDDA.dll” Buffer Overflow Vulnerability, Secunia, November 25, 2004

This entry was posted on Thursday, November 25th, 2004 at 6:16 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 1693 times