winamp 2.73 also have this bug,

hahahahahahahahahahahahahahahaha
>
>Hi all,
>
>I have written a full disclosure buffer overflow
>exploit for the winamp 2.63 buffer overflow found in
>the M3U file parser...
>Attached is a file called DROPPER.M3U, if you execute
>the following commands in dos :
>COPY /B DROPPER.M3U+C:\WINDOWS\CDPLAYER.EXE HACKME.M3U
>when you click HACKME.M3U, the file will drop and
>execute the appended exe file, CDPLAYER.EXE in this
>case...
>The CPP source for creating DROPPER.M3U is
>http://elf.box.sk/byterage/wa263bof.cpp
>and more info can be got from
>http://elf.box.sk/byterage/wa263.htm
>
>I havent tested the exploit yet on 2.64 or underlying
>versions, but if the versions of IN_MOD.DLL match,
>those versions are vulnerable too...
>
>greetz,
>[ByteRage] http://elf.box.sk/byterage/
>
>__________________________________________________
>Do You Yahoo!?
>Get email at your own domain with Yahoo! Mail.
>http://personal.mail.yahoo.com/?.refer=text

ÍøÒ׶¯»­Õ¾´øÄã×ß½øÉñÆæ¿ìÀֵĶ¯»­ÊÀ½ç£¬
ÓеçÓ°¡¢ÓÐÓÎÏ·¡¢»¹ÓÐMTV£¡Ç§Íò±ð´í¹ýÁË£¡
http://cartoon.163.com
ÎÒÃÇÕýÔÚ½øÐÐFLASHÓÎÏ·µÄÕ÷¸å»î¶¯£¬¾²´ý¸ßÊÖµÄÀ´ÁÙ£¡

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]