Hello, all.
Just an FYI, there was a buffer overflow discovered in
the minibrowser of winamp-2.79 and earlier viersons.
This is exploited by the ID3v2 tags in an MP3 header.
It could be bad, depending on what somebody coded
up inside your Random Internet MP3, so better safe
than sorry.
To safeguard yourself, do what I know everybody already
loves to do - upgrade your software! Get the latest
version here -
http://download.nullsoft.com/winamp/client/winamp280_full.exe
Here's an article and the security focus vuln info:
http://news.com.com/2100-1023-895429.html?tag=fd_top
http://online.securityfocus.com/bid/4609
Anybody know if there is any code out there that
might be able to scan id3 tags in your mp3 headers
to see if you've already got tainted files?
Cheers.
-- A SARAN LUGE TUNG HUM QUO
This archive was generated by hypermail 2b30 : Wed May 01 2002 - 00:10:43 CEST