|
Family: Windows --> Category: infos
Winamp < 5.31 Multiple Buffer Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks the version number of Winamp
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host contains a multimedia application that is
susceptible to multiple buffer overflow attacks.
Description :
The remote host is using Winamp, a popular media player for Windows.
The version of Winamp installed on the remote Windows host reportedly
contains two overflow flaws, one involving the 'ultravox-max-msg'
header used in its support of the Ultravox protocol and the other in
its Ultravox Lyrics3 parsing code. Using a specially-crafted stream,
a remote attacker may be able to leverage these issues to execute
arbitrary code subject to the rights of the user.
See also :
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=431
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=432
http://www.securityfocus.com/archive/1/449721/30/0/threaded
http://www.securityfocus.com/archive/1/449722/30/0/threaded
http://www.winamp.com/player/version_history.php
Solution :
Upgrade to Winamp version 5.31 or later.
Threat Level:
High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|