Members
Stats
  • Total Posts: 28531
  • Total Topics: 8240
  • Online Today: 945
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Winamp fixes critical integer overflow vulnerability - "in_nsv.dll" (download)  (Read 1387 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Winamp media player users need to update their software following the discovery of multiple security holes, some of which provide a means to distribute malware via booby-trapped media files.

Version 5.6 of the software for Windows fixes a critical integer overflow vulnerability in the the "in_nsv.dll" plug-in library that leaves users exposed to viral attack – provided, of course, that they are first tricked into opening a maliciously constructed stream or media file. The update from developers Nullsoft also addresses a potentially nasty, but probably less easy to exploit, bug involving the handling of midi files. The release also includes a number of performance and stability tweaks.

A release announcement can be found on Nullsoft's forum: http://forums.winamp.com/showthread.php?t=324322 but details of the security side of the update can more easily be reviewed via an advisory on the bugs by security notification firm Secunia here: http://secunia.com/advisories/42004

(ElReg)

Samker's Computer Forum - SCforum.info





krrjhn

  • SCF Advanced Member
  • ***
  • Posts: 213
  • KARMA: -5
Thanks for sharing i really need this!!

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising