Critical Flaw in WinAmp
Techtree News Staff
Publishing date: 2004-11-26 16:08:36
A critical security flaw in WinAmp allows a hacker to create a playlist and execute code in the host system.
A critical security flaw has been discovered in WinAmp that exploits the stack-based buffer overflow vulnerability allowing attacks from hackers.
The vulnerability is caused due to boundary error in the "IN_CDDA.dll" file that allows hackers to run malicious code on the user's computer.
According to reports the bug exploits the user's computer via a playlist file. The users are tricked to visit a website that is hosting the malicious code file. The file then automatically downloads and opens itself in WinAmp. Once infected, the computer can be accessed by the hacker hosting the website.
This is the second major security flaw affecting WinAmp in recent times. The earlier flaw was detected in the Skin installer mechanism that exploited a loophole, which would enable a spyware to be automatically installed on to the computer without the interaction of users. The flaw was first detected and an advisory sent out by Security-Assessment.com, a company involved in intrusion testing and code reviews.
The bug according to security firm Secunia has been rated highly critical. However, Nullsoft, which develops WinAmp, claims to have patched it in the latest WinAmp 5.06 version.
WinAmp has come out with an updated version with the flaw fixed.
Article available at-
http://www.techtree.com/techtree/jsp/showstory.jsp?storyid=56385
Techtree News Staff
Publishing date: 2004-11-26 16:08:36
A critical security flaw in WinAmp allows a hacker to create a playlist and execute code in the host system.
A critical security flaw has been discovered in WinAmp that exploits the stack-based buffer overflow vulnerability allowing attacks from hackers.
The vulnerability is caused due to boundary error in the "IN_CDDA.dll" file that allows hackers to run malicious code on the user's computer.
According to reports the bug exploits the user's computer via a playlist file. The users are tricked to visit a website that is hosting the malicious code file. The file then automatically downloads and opens itself in WinAmp. Once infected, the computer can be accessed by the hacker hosting the website.
This is the second major security flaw affecting WinAmp in recent times. The earlier flaw was detected in the Skin installer mechanism that exploited a loophole, which would enable a spyware to be automatically installed on to the computer without the interaction of users. The flaw was first detected and an advisory sent out by Security-Assessment.com, a company involved in intrusion testing and code reviews.
The bug according to security firm Secunia has been rated highly critical. However, Nullsoft, which develops WinAmp, claims to have patched it in the latest WinAmp 5.06 version.
WinAmp has come out with an updated version with the flaw fixed.
Article available at-
http://www.techtree.com/techtree/jsp/showstory.jsp?storyid=56385
