Users of Winamp please be advised of a VP6 Content Parsing Buffer Overflow vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
Winamp-SA-10/27/2010: Winamp VP6 Content Parsing Buffer Overflow Vulnerability
Affected Software
* Winamp 5.581
NOTE: Other versions may also be affected.
Description of Vulnerability
Secunia Research has discovered a vulnerability in Winamp, which can
be exploited by malicious people to potentially compromise a user's
system.
The vulnerability is caused by an error in the VP6 codec (vp6.w5s)
when parsing VP6 video content. This can be exploited to cause a
heap-based buffer overflow via a specially crafted media file or
stream.
Successful exploitation may allow execution of arbitrary code.
Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/e7ln
No comments:
Post a Comment