 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.11530 |
| Category: | Windows |
| Title: | WinAMP3 buffer overflow |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is using WinAMP3, a popular media player which handles many files format (mp3, wavs and more...) This version has a buffer overflow which may allow an attacker to execute arbitrary code on this host, with the rights of the user running WinAMP. To perform an attack, the attack would have to send a malformed playlist (.b4s) to the user of this host who would then have to load it by double clicking on it. Since .b4s are XML-based files, most antivirus programs will let them in. Solution : Uninstall this software or upgrade to a version newer than 3.0 build 488 Risk factor : High |
| Cross-Ref: |
BugTraq ID: 6515 Common Vulnerability Exposure (CVE) ID: CVE-2003-1272 http://www.securityfocus.com/bid/6515 BugTraq ID: 6516 http://www.securityfocus.com/bid/6516 Bugtraq: 20030104 WinAmp v.3.0: buffer overflow (Google Search) http://archives.neohapsis.com/archives/bugtraq/2003-01/0025.html XForce ISS Database: winamp-b4s-path-bo(10981) https://exchange.xforce.ibmcloud.com/vulnerabilities/10981 http://www.iss.net/security_center/static/10980.php |
| Copyright | This script is Copyright (C) 2003 Tenable Network Security |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |