US-CERT Alert: Exploit for Buffer Overflow Vulnerability in Winamp, Remortgages

US-CERT Alert: Exploit for Buffer Overflow Vulnerability in Winamp

US-CERT Alert: Exploit for Buffer Overflow Vulnerability in Winamp

January 31, 2006 -- US-CERT is aware of a public exploit for a buffer overflow vulnerability in Winamp. The buffer overflow is triggered when Winamp processes a specially crafted playlist (.PLS) file that has a long computer name.
An attacker could use social engineering to convince a user to visit a specially crafted web site that may launch Winamp without user intervention. Successful exploitation may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.

More information can be found in the following US-CERT Vulnerability Note:

* VU#604745 - Winamp fails to properly handle playlists with long computer names

US-CERT urges users and administrators to implement the following recommendations:

* Update to Winamp version 5.13 to address this vulnerability.
* Follow the instructions in the US-CERT publication Securing Your Browser to help prevent exploitation through a web browser.

Source: US-CERT

[ Comment, Edit or Article Submission ]

Remortgages

US-CERT Alert: Exploit for Buffer Overflow Vulnerability in Winamp

US-CERT Alert: Exploit for Buffer Overflow Vulnerability in Winamp

Share this:

More about:

New Posts on Blog

References: