Winamp and Shoutcast vulnerabilities
In the last several days there have been a couple vulnerabilities disclosed that I should cover. The first up is related to Winamp. Version 5.12 is vulnerable to a problem with the way it handles .pls (playlist) files. This could allow very bad things with a specially crafted pls file. There were some workarounds mentioned, however all those workarounds can be subverted. There is a new release available http://www.winamp.com/player/.
The Security Fix lent some coverage to this yesterday. The way Winamp associates itself with playlist files under windows, explorer would likely automatically open any .pls file with winamp (if installed) and … game over. So, if you have Winamp installed, update it. Exploit in the wild….
There was also a Shoutcast vulnerability (getting problems at both ends today in online audio eh?) the vulnerability itself is old Secunia reported it in December of 2004. However, an exploit has been found in the wild. The vulnerability affects Shoutcast v. 1.9.4 and earlier. 1.9.5 fixes the issue. Apparently quite a few folks have stuck with older versions. It’s (past) time to update.
Popularity: 1% [?]
Related Posts - How to Remove SecuritySoldier | Security Soldier Removal SecuritySoldier is the latest in the WiniGuard Family (SecurityFIghter, SaveArmor, SaveDefender are just the names that came out in the last week.) These busy bees have pretty much just renamed the program and files. It looks the same as each of the recent previous rogues. Just as those do it......
- How to Remove Windows Enterprise Suite | Removal Guide Windows Enterprise Suite is a rogue antivirus application that is made to look like and mimic the actions of legitimate security applications, but it is likely the cause of more problems on your system than it solves. It seems to be made by the same group as volcano security suite......
- Another critical IE flaw I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it's trivial for them to do worse. The bottom line is, be careful what......
Related Websites - What is Bankruptcy? Understand the process of bankruptcy before you file the forms by yourself or with an attorney. To start the process of bankruptcy, a person with an unwieldy amount of debt files for bankruptcy in the nearest court. This process is normally done with the help of attorney, a person is......
- ePad Tablet PC Review There are lot of low cost Tablet PCs released in the market. ePad Tablet PC is one among that list. China made and the name resembles iPad and i am seeing the reviews are not so great, never comparable to iPad or other branded Tablets PC like Samsung Tab, Toshiba......
- My Take: H&R Block Tax Cut In the interests of full-disclosure, I purchased H&R Block Tax Cut before signing up for affiliate ads. We're filing our taxes ourselves this year and decided to get tax software. We don't believe our filing will be complicated, but between the move and some other changes, we wanted a program to......
Similar Posts
- Update on Internet Explorer Zero Day exploit
- MS IE Javascript exploit for zero-day (0-day) vulnerability
- MS05-053 Microsoft Windows Image Viewing Vulnerability
- Exploits in the wild and other news
- WMF vulnerability advisory update