[G3]-Technews
[G3]-TechNews : Home| RSS | Atom | MSN | WAP

 Stickies:
Article: Step-by-Step Guide: How to set up a VPN
Article: Download: Microsoft Monad (Beta)
Article: Building a 64-Bit Multimedia Workstation
Article: Coming Soon to Windows: The Microsoft Shell (MSH)
Article: How to Reset Win NT / 2000 / XP Administrator Password
Article: The Technology Behind Dual Core CPUs
Article: How-To: Wireless Network Security
Article: Article: PCI Express - technology backgrounder
Article: Tutorial: Access Hidden Files on Your iPod
Article: Troubleshooting drivers with XP's hidden Driver Verifier Manager
Article: How to Make a 5 in 1 Network Cable
Article: Comparison - Blu-ray & HD DVD
Article: Beginners Guides Linux : Part 1 | Part 2 | Part 3
Article: How To Crack WEP (Wired Equivalent Privacy)
Article: Email Addresses Spoofing.
Link: Free PHP ebook
Link: FREE ASP.NET books and eLearning course
Link: Free registration code for Opera 8.
Invitations: Gazzag (Here) | Yahoo! 360 (Here)  | Orkut (Here)

WinAmp : risk of remote code execution.
Contributed by: G3nu1n3, at 11/25/2004 11:13:00 AM.

Users of America Online Inc.'s Winamp media player are at risk of remote code execution attacks because of a flaw in the software, according to a warning from a security research firm. The flaw, which Secunia rates as "highly critical," has been reported in Winamp versions 5.05 and 5.06. Prior versions also may be affected.

"When hosted on a Web site, these files will be automatically downloaded and opened in Winamp without any user interaction. This is enough to cause the overflow that would allow a malicious playlist to overwrite EIP and execute arbitrary code," the company said. News of the Winamp security issue comes amid reports that the last members of the original Winamp team have said goodbye to AOL. Only a few employees remain to prop up the once-ubiquitous digital audio player with minor updates, but no further improvements to Winamp are expected.


Security-Assessment.com, which is credited with finding the vulnerability, said a malicious hacker could cause a buffer overflow in various ways, the most dangerous being through a malformed .m3u playlist file.


Important:
To Read MOST UPDATED News Items browse to HOME page.

0 Comments:

Post a Comment

<< Home



[G3]-TechNews : Home| RSS | Atom | MSN | WAP


Archives :

- Monthly Archives :


- Post Count: 1,783 before June 1, 2005. (Since: October 26, 2004)