|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Windows >> Winamp < 5.13 Multiple Buffer Overflow Vulnerabilities Vulnerability Assessment Details
|
Winamp < 5.13 Multiple Buffer Overflow Vulnerabilities |
||
|
Checks for multiple buffer overflow vulnerabilities in Winamp < 5.13 Detailed Explanation for this Vulnerability Assessment Summary : A multimedia application that is vulnerable to multiple buffer overflows is installed on the remote Windows host. Description : The remote host is using Winamp, a popular media player for Windows. It's possible that a remote attacker using a specially-crafted M3U or PLS file can cause a buffer overflow in the version of Winamp installed on the remote Windows host, resulting in a crash of the application and even execution of arbitrary code remotely subject to the user's rights. Note that these issues can reportedly be exploited without user interaction by linking to a '.pls' file in an IFRAME tag. See also : http://www.frsirt.com/exploits/20060129.winamp0day.c.php http://www.idefense.com/intelligence/vulnerabilities/display.php?id=377 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=378 http://www.winamp.com/player/version_history.php Solution : Upgrade to Winamp version 5.13 or later. Network Security Threat Level: High / CVSS Base Score : 8.0 (AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N) Networks Security ID: 16410, 16462 Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security |
||
|
Mainframe, DEC, VAX, AS 400 |
|
||
|
No Discussions have been posted on this vulnerability. |