Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Nullsoft Winamp Automatic Update Check Buffer Overflow Vulnerability

Nullsoft Winamp Automatic Update Check Buffer Overflow Vulnerability

by Nikola Strahija on July 7th, 2002 Nullsoft Winamp is a media player for Microsoft Windows supporting MP3 and other filetypes. Winamp is vulnerable to a buffer overflow condition when checking for updated versions. A malicious server located at www.winamp.com may return a malicious response. Exploitation may result in the execution of arbitrary code as the Winamp process.


It may be possible to exploit this vulnerability if an attacker can control the resolution of the www.winamp.com domain, possibly through DNS cache poisoning.

Remote: Yes

Exploit: http://online.securityfocus.com/data/vulnerabilities/exploits/wampexp.c


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »