Winamp and Shoutcast vulnerabilities



In the last several days there have been a couple vulnerabilities disclosed that I should cover. The first up is related to Winamp. Version 5.12 is vulnerable to a problem with the way it handles .pls (playlist) files. This could allow very bad things with a specially crafted pls file. There were some workarounds mentioned, however all those workarounds can be subverted. There is a new release available http://www.winamp.com/player/.


The Security Fix lent some coverage to this yesterday. The way Winamp associates itself with playlist files under windows, explorer would likely automatically open any .pls file with winamp (if installed) and … game over. So, if you have Winamp installed, update it. Exploit in the wild….

There was also a Shoutcast vulnerability (getting problems at both ends today in online audio eh?) the vulnerability itself is old Secunia reported it in December of 2004. However, an exploit has been found in the wild. The vulnerability affects Shoutcast v. 1.9.4 and earlier. 1.9.5 fixes the issue. Apparently quite a few folks have stuck with older versions. It’s (past) time to update.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft releases official VML patch!! The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that's been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. Sans has a few links, if you de-registered......
  • How to Remove SoftCop | SoftCop Removal Guide SoftCop seems to be another rogue antivirus entry in the quite prolific Wini family which includes such rogues as the recent Softsoldier (How to remove SoftSoldier), ( TrustFighter TrustFighter Removal Guide, TrustSoldier removal guide and the following others... SafeFighter (Safefighter Removal), TrustCop (TrustCop Removal Guide), SecureWarrior (SecureWarrior Removal), SecurityFighter (SecurityFighter......
  • Another critical IE flaw I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it's trivial for them to do worse. The bottom line is, be careful what......
Blog Traffic Exchange Related Websites
  • Web Application Security: An Overview An area of information security that has been gaining a lot more focus in recent years is the security of web applications.   This area is of particular interest because of the growing complexity of websites which makes them a strong target for those with malicious intent.  Websites are attractive to......
  • My Take: H&R Block Tax Cut In the interests of full-disclosure, I purchased H&R Block Tax Cut before signing up for affiliate ads.  We're filing our taxes ourselves this year and decided to get tax software. We don't believe our filing will be complicated, but between the move and some other changes, we wanted a program to......
  • What is Bankruptcy? Understand the process of bankruptcy before you file the forms by yourself or with an attorney. To start the process of bankruptcy, a person with an unwieldy amount of debt files for bankruptcy in the nearest court. This process is normally done with the help of attorney, a person is......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site