Welcome to p2pnet.net - The original daily p2p and digital news site. Always First!
REGISTER | LOGIN
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
Reviews
Open Source
Mobiles
Advertising
Products
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Scroogle Search: 
Search
 
Web p2pnet   
   Search: 
Search
Torrent Site Tracker
    Sponsored by
Frostwire
 
p2pnet
 


mp3rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

Highly critical Winamp flaw

p2pnet.net News:- Secunia says there`s a highly critical security hole in AOL`s Winamp that could be used by hackers to compromise users` systems.

The vulnerability is caused due to a boundary error in the handling of ID3v2 tags and can be exploited to cause a buffer overflow via e.g. a MP3 file containing an overly long string in the `Artist` field, says the post, quoting Leon Juranic of the LSS Security Team.

Successful exploitation allows execution of arbitrary code, but requires some user interaction (e.g. that the user adds a malicious MP3 file to a playlist and then plays the file).

The vulnerability has been reported in versions 5.03a, 5.09, and 5.091 and other versions may also be affected, says Secunia.

But there`s a simple fix.

Update to 5.094.

Something you think we should know? tips[at]p2pnet.net

See:-
SecuniaWinamp ID3v2 Tag Handling Buffer Overflow Vulnerability, July 19, 2004

This entry was posted on Thursday, July 21st, 2005 at 8:01 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 2726 times

« previous Movies File Share Top Ten
Spam as an art form next »

4 Responses to “Highly critical Winamp flaw”

  1. Reader's Write Says:
    July 21st, 2005 at 11:54 pm

    we need a firefox of mediaplayers. :P lol,

  2. Reader's Write Says:
    July 22nd, 2005 at 2:18 am

    i’m glad i use the extremely secure and flawless windows mediaplayer 10 and msn messenger instead of the shoddy winamp and aol aim. :P

  3. Reader's Write Says:
    July 24th, 2005 at 12:30 pm

    Sure do, aside from MPC, does any one know of a decent open source media player that includes a decent media manager and access to shoutcast etc for Win32?

  4. Reader's Write Says:
    July 24th, 2005 at 12:31 pm

    MSN secure? lmao

Leave a Reply

ONLY items referencing the post at hand, please. No links to personal sites, no personal attacks, trolling, freebie advertising, or off-topic posts. Thanks. And Cheers!

    Sponsored by
tek savvy