| ZeroXL |
ALERT !! Winamp Vulnerabilities !
NGSSoftware Insight Security Research Advisory
Name: Nullsoft Winamp 'in_mod.dll' Heap Overflow
Systems Affected: Nullsoft Winamp versions 2.91 to 5.02 (possibly older
versions, although this is not confirmed)
Severity: ---> :arrow: High Risk <----
Vendor URL: http://www.winamp.com/
Author: Peter Winter-Smith [ peter@ngssoftware.com ]
Date Vendor Notified: 20th Feb 2004
Date of Public Advisory: 5th April 2004
Advisory number: #NISR05042004
Advisory URL: http://www.ngssoftware.com/advisories/winampheap.txt
Fix Information
***************
Nullsoft have provided a fix for this issue. Winamp version 5.03 addresses
the security issue discussed in this advisory. It can be obtained the
official website:
http://www.winamp.com/player/ |