Bug in Winamp

FrSIRT rated as Critical the vulnerability that has been identified in Winamp, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a buffer overflow error when processing a specially crafted playlist (“.pls” file) containing a malformed “File” tag, which could be exploited by remote attackers to execute arbitrary commands and take complete control of an affected system without any user-interaction via a specially crafted web page.
The solution is the upgrade to Winamp version 5.13 : http://www.winamp.com/player/

Italian Version

FrSIRT ha notificato come critica una vulnerabilità che è stata identificata in Winamp, e che potrebbe essere sfruttata da eventuali aggressori per eseguire dei comandi remoti sul Pc. La falla è dovuta ad un buffer overflow innescato da una playlist (file “.pls”) contenente il tag File1 malformato. E’ sufficiente indurre un utente ad aprire un file “.pls” dannoso, eventualmente inglobato all’interno di una pagina web. La soluzione è fare un upgrade di Winamp alla versione 5.13 disponibile qui

Link: About bug in Winamp Winamp 5.13 solves the bug

Author: Dario Salvelli

Growth Hacker, Digital Marketing expert. I work as the Global Social Media Manager of Automobili Lamborghini. Contact me

4 thoughts on “Bug in Winamp”

Comments are closed.