Winamp and Shoutcast vulnerabilities



In the last several days there have been a couple vulnerabilities disclosed that I should cover. The first up is related to Winamp. Version 5.12 is vulnerable to a problem with the way it handles .pls (playlist) files. This could allow very bad things with a specially crafted pls file. There were some workarounds mentioned, however all those workarounds can be subverted. There is a new release available http://www.winamp.com/player/.


The Security Fix lent some coverage to this yesterday. The way Winamp associates itself with playlist files under windows, explorer would likely automatically open any .pls file with winamp (if installed) and … game over. So, if you have Winamp installed, update it. Exploit in the wild….

There was also a Shoutcast vulnerability (getting problems at both ends today in online audio eh?) the vulnerability itself is old Secunia reported it in December of 2004. However, an exploit has been found in the wild. The vulnerability affects Shoutcast v. 1.9.4 and earlier. 1.9.5 fixes the issue. Apparently quite a few folks have stuck with older versions. It’s (past) time to update.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Windows Enterprise Suite | Removal Guide Windows Enterprise Suite is a rogue antivirus application that is made to look like and mimic the actions of legitimate security applications, but it is likely the cause of more problems on your system than it solves. It seems to be made by the same group as volcano security suite......
  • If the cumulitive IE patch fails to install This is related to MS05-054... According to Incidents.org it's possible that this will not install (user submission of this). They also have a user submitted workaround... Shinil Hong of SUNY Buffalo has sent us his analysis of problems encountered with the installation of MS05-054. Here's what Shinil found out: The......
  • How to Remove SystemCop | System Cop Removal Yes, it's another rogue antivirus package that causes all sorts of headaches, popups, false warnings and yes, you have to pay to solve the problems it claims to find. Essentially the software, when installed creates lot's of files that on scanning your system it "discovers" and claims they are a......
Blog Traffic Exchange Related Websites
  • Web Application Security: An Overview An area of information security that has been gaining a lot more focus in recent years is the security of web applications.   This area is of particular interest because of the growing complexity of websites which makes them a strong target for those with malicious intent.  Websites are attractive to......
  • Why You Need a Good Home Security System There are many unexpected things which can happen these days. The world can seem pretty cruel at times. This is when you want to be able to come home and feel safe. After all, your home is a place where you want to be able to feel your best......
  • Ten Steps To Become a Linux/Unix Geek Until recently, Linux/Unix was considered OS of the geeks. However, with GUI and more desktop Linux distributions, things have simplified on both Linux and Unix. Still you can geek out with Unix/Linux using its terminal. Just follow the steps below to master the terminal. 1. Never used Linux! Get Ubuntu......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site