-
January 30th, 2006, 07:59 PM
#1
Winamp Zero-Day Exploit
Hello,
I just saw the following advisory on SANS:
While we're on the topic of audio software, there's a 0-day exploit out today for Winamp 5.12 that allows remote code execution via a crafted playlist (.pls) file. The proof-of-concept exploit suggests using an iframe to trigger a 'drive-by' attack on anyone unlucky enough to visit a website containing a malicious iframe; say, third-party advertisers and forum websites--the usual vectors for this sort of thing.
Secunia's got a nice writeup of it here.
Secunia has it as an Extremely Critical vulnerability.
Just a heads up! Watch yourselves!
-Deeboe
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War
http://tazforum.**********.com/
-
January 30th, 2006, 08:21 PM
#2
Thank you for the warning!
-
January 31st, 2006, 12:40 AM
#3
And, the WinAmp update is available. See the web site above.
-
January 31st, 2006, 06:52 PM
#4
Sorry about the double post, but Ed at ISC says:
Update Jan 31: There's a sploit in the wild for this one. Have you patched yet? The kiddies will come a-callin' soon. --Ed.
Check it out at: http://isc.sans.org/
Git 'er done!