Lucene search
RootSSV:2840HistoryJan 21, 2008 - 12:00 a.m.
Winamp Ultravox流元数据多个栈溢出漏洞
2008-01-2100:00:00
Root
www.seebug.org
11
0.75 High
EPSS
Percentile
98.2%
BUGTRAQ ID: 27344
CVE(CAN) ID: CVE-2008-0065
Winamp是一款流行的媒体播放器,支持多种文件格式。
Winamp在处理畸形格式的数据时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。
Winamp的in_mp3.dll库在解析Ultravox流元数据时没有正确地创建流标题。如果<metadata>部分设置了超长的<artist>和<name>标签值的话,就可能触发栈溢出,导致执行任意指令。
Nullsoft Winamp 5.51
Nullsoft Winamp 5.5
Nullsoft Winamp 5.21
Nullsoft
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.winamp.com/” target=“_blank”>http://www.winamp.com/</a>
Related
saint
saint
Winamp Ultravox streaming metadata artist tag buffer overflow
2008-02-04 00:00:00
Winamp Ultravox streaming metadata artist tag buffer overflow
2008-02-04 00:00:00
Winamp Ultravox streaming metadata artist tag buffer overflow
2008-02-04 00:00:00
prion
prion
Stack overflow
2008-01-22 20:00:00
cvelist
cvelist
CVE-2008-0065
2008-01-22 19:00:00
nvd
nvd
CVE-2008-0065
2008-01-22 20:00:00
cve
cve
CVE-2008-0065
2008-01-22 20:00:00
packetstorm
packetstorm
Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow
2009-11-26 00:00:00
checkpoint_advisories
checkpoint_advisories
nessus
nessus
Winamp < 5.52 Ultravox Streaming Metadata in_mp3.dll Multiple Tag Overflow
2008-01-18 00:00:00