|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Winamp 5.12 - 0day exploit - code execution through playlist
From: Process (processtree
rootonfire.org)
Date: Mon Jan 30 2006 - 09:00:16 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The current version of winamp contains an error in its playlist parsing allowing malicious users to
execute code via a prepared playlist.
This bug can even be triggered through a website - without user interaction - by linking to a pls
file in an IFRAME tag.
Windows DEP (Data Execution Prevention) will stop this bug. If you dont have DEP its strongly
advised to delete Winamp until a non vulnerable version is released.
More information (in german, babelfish is your friend :) at http://www.heise.de/newsticker/meldung/68981
Greets,
carol
<a href="http://www.tarifchecks.de/">http://www.tarifchecks.de/</a>
<a href="http://autoversicherung.einsurance.de/">http://autoversicherung.einsurance.de/</a>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]