Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.15817
Kategorie:Windows
Titel:Nullsoft Winamp IN_CDDA.dll Remote Buffer Overflow Vulnerability
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is using WinAMP5, a popular media player
which handles many files format (mp3, wavs and more...)

This version has a buffer overflow which may allow an attacker
to execute arbitrary code on this host, with the rights of the user
running WinAMP.

To perform an attack, the attack would have to send a malformed
playlist (.m3u) to the user of this host who would then have to
load it by double clicking on it.

Solution : Uninstall this software or upgrade to version 5.07
Risk factor : High

Querverweis: BugTraq ID: 11730
Common Vulnerability Exposure (CVE) ID: CVE-2004-1119
http://www.securityfocus.com/bid/11730
Bugtraq: 20041123 Winamp - Buffer Overflow In IN_CDDA.dll (Google Search)
http://marc.info/?l=bugtraq&m=110123330404482&w=2
Bugtraq: 20041124 Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched] (Google Search)
http://marc.info/?l=bugtraq&m=110146036300803&w=2
Bugtraq: 20041126 Re: Winamp - Buffer Overflow In IN_CDDA.dll [Unpatched (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2004-11/0369.html
CERT/CC vulnerability note: VU#986504
http://www.kb.cert.org/vuls/id/986504
http://www.security-assessment.com/Papers/Winamp_IN_CDDA_Buffer_Overflow.pdf
http://marc.info/?l=ntbugtraq&m=110126352412395&w=2
http://marc.info/?l=ntbugtraq&m=110135574326217&w=2
http://secunia.com/advisories/13269/
XForce ISS Database: winamp-incddadll-bo(18197)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18197
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.