|
Family: Windows --> Category: infos
Winamp Malformed Midi File Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks the version number of Winamp
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host contains a multimedia application that is
prone to a buffer overflow attack.
Description :
The remote host is using Winamp, a popular media player for Windows.
The version of Winamp installed on the remote Windows host reportedly
contains a buffer overflow in the 'in_midi.dll' library that can be
exploited using a specially-crafted MIDI file to either crash the
affected application or possibly even execute arbitrary code remotely,
subject to the rights of the user running the application.
See also :
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-16.html
http://www.winamp.com/player/version_history.php
Solution :
Upgrade to Winamp version 5.22 or later.
Threat Level:
High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|