Winamp and Shoutcast vulnerabilities



In the last several days there have been a couple vulnerabilities disclosed that I should cover. The first up is related to Winamp. Version 5.12 is vulnerable to a problem with the way it handles .pls (playlist) files. This could allow very bad things with a specially crafted pls file. There were some workarounds mentioned, however all those workarounds can be subverted. There is a new release available http://www.winamp.com/player/.


The Security Fix lent some coverage to this yesterday. The way Winamp associates itself with playlist files under windows, explorer would likely automatically open any .pls file with winamp (if installed) and … game over. So, if you have Winamp installed, update it. Exploit in the wild….

There was also a Shoutcast vulnerability (getting problems at both ends today in online audio eh?) the vulnerability itself is old Secunia reported it in December of 2004. However, an exploit has been found in the wild. The vulnerability affects Shoutcast v. 1.9.4 and earlier. 1.9.5 fixes the issue. Apparently quite a few folks have stuck with older versions. It’s (past) time to update.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Windows Enterprise Suite | Removal Guide Windows Enterprise Suite is a rogue antivirus application that is made to look like and mimic the actions of legitimate security applications, but it is likely the cause of more problems on your system than it solves. It seems to be made by the same group as volcano security suite......
  • How to Remove PC Scout | PC Scout Removal Guide PC Scout is another rogue application with a similar look and feel to the Windows Security Center. (It's also apparently a clone of the same family as ActiveSecurity (ActiveSecurity Removal) It likely installs through malware and the use of web popups. Once it's installed on your system it tries to......
  • If the cumulitive IE patch fails to install This is related to MS05-054... According to Incidents.org it's possible that this will not install (user submission of this). They also have a user submitted workaround... Shinil Hong of SUNY Buffalo has sent us his analysis of problems encountered with the installation of MS05-054. Here's what Shinil found out: The......
Blog Traffic Exchange Related Websites
  • Ten Steps To Become a Linux/Unix Geek Until recently, Linux/Unix was considered OS of the geeks. However, with GUI and more desktop Linux distributions, things have simplified on both Linux and Unix. Still you can geek out with Unix/Linux using its terminal. Just follow the steps below to master the terminal. 1. Never used Linux! Get Ubuntu......
  • My Take: H&R Block Tax Cut In the interests of full-disclosure, I purchased H&R Block Tax Cut before signing up for affiliate ads.  We're filing our taxes ourselves this year and decided to get tax software. We don't believe our filing will be complicated, but between the move and some other changes, we wanted a program to......
  • Web Application Security: An Overview An area of information security that has been gaining a lot more focus in recent years is the security of web applications.   This area is of particular interest because of the growing complexity of websites which makes them a strong target for those with malicious intent.  Websites are attractive to......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site