|
|
Family: Windows --> Category: infos
Winamp < 5.13 Multiple Buffer Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple buffer overflow vulnerabilities in Winamp < 5.13
Detailed Explanation for this Vulnerability Test
Synopsis :
A multimedia application that is vulnerable to multiple buffer
overflows is installed on the remote Windows host.
Description :
The remote host is using Winamp, a popular media player for Windows.
It's possible that a remote attacker using a specially-crafted M3U or
PLS file can cause a buffer overflow in the version of Winamp
installed on the remote Windows host, resulting in a crash of the
application and even execution of arbitrary code remotely subject to
the user's rights. Note that these issues can reportedly be
exploited without user interaction by linking to a '.pls' file in an
IFRAME tag.
See also :
http://www.frsirt.com/exploits/20060129.winamp0day.c.php
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=377
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=378
http://www.winamp.com/player/version_history.php
Solution :
Upgrade to Winamp version 5.13 or later.
Threat Level:
High / CVSS Base Score : 8.0
(AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
