| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Jul 2010 16:03:05 +0200 From: "VUPEN Security Research" <advisories@...en.com> To: <bugtraq@...urityfocus.com> Subject: VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Winamp is a proprietary media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL. It is freeware/shareware, multi-format, extensible with plug-ins and skins, and is noted for its graphical sound visualization, playlist, and media library features." Wikipedia II. DESCRIPTION --------------------- VUPEN Vulnerability Research Team discovered multiple vulnerabilities in Winamp. These issues are caused by integer and buffer overflow errors within the "vp6.w5s" component when parsing malformed Flash Video data, which could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted FLV file. III. AFFECTED PRODUCTS --------------------------- Winamp version 5.572 and prior IV. Binary Analysis & Proof-of-concept --------------------------------------- In-depth binary analysis of the vulnerabilities and proof-of-concept codes are available through the VUPEN Binary Analysis & Exploits Service : http://www.vupen.com/english/services/ba-index.php V. SOLUTION ---------------- Upgrade to Winamp version 5.58. VI. CREDIT -------------- These vulnerabilities were discovered by Nicolas Joly of VUPEN Security VII. ABOUT VUPEN Security --------------------------- VUPEN is a leading IT security research company providing vulnerability management and security intelligence solutions which enable enterprises and institutions to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks. Governmental and federal agencies, and global enterprises in the financial services, insurance, manufacturing and technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay ahead of the latest threats. * VUPEN Vulnerability Notification Service (VNS) : http://www.vupen.com/english/services/vns-index.php * VUPEN Binary Analysis & Exploits Service (BAE) : http://www.vupen.com/english/services/ba-index.php * VUPEN Threat Protection Program for Govs (TPP) : http://www.vupen.com/english/services/tpp-index.php * VUPEN Web Application Security Scanner (WASS) : http://www.vupen.com/english/services/wass-index.php VIII. REFERENCES ---------------------- http://www.vupen.com/english/advisories/2010/1798 http://www.winamp.com/help/Version_History#Winamp_5.58 IX. DISCLOSURE TIMELINE ----------------------------- 2010-03-01 - Vendor notified 2010-03-02 - Vendor response 2010-03-24 - Status update received 2010-05-26 - Status update received 2010-07-13 - Coordinated public Disclosure
Powered by blists - more mailing lists