TITLE:
Winamp MP4 File Handling Memory Corruption Vulnerability
SECUNIA ADVISORY ID:
SA25089
VERIFY ADVISORY:
http://secunia.c
om/advisories/25089/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
Winamp 5.x
http://secunia.com/p
roduct/3021/
DESCRIPTION:
Marsu has reported a vulnerability in Winamp, which can be
exploited
by malicious people to compromise a user's system.
The vulnerability is caused due to an error within the
handling
of
MP4 files and can be exploited to cause memory corruption
via a
specially crafted MP4 file.
Successful exploitation allows execution of arbitrary code.
The vulnerability is reported in version 5.34. Other
versions
may
also be affected.
SOLUTION:
Do not open untrusted MP4 files.
ORIGINAL ADVISORY:
http://milw0rm.com/e
xploits/3823
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|
