Winamp, the popular media player, has been upgraded to 5.623 to fix three security related vulnerabilities along with several non-security related bugs.Secunia reported two of the security issues to Nullsoft, a division of AOL, back in November. Now that fixes are available Secunia have disclosed the nature of the bugs.
According to Secunia’s security advisory they discovered two vulnerabilities in Winamp, which can be exploited by malicious people to compromise a user’s system.
- An integer overflow error in the in_avi.dll plugin when allocating memory using the number of streams header value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.
- An integer overflow error in the in_avi.dll plugin when allocating memory using the RIFF INFO chunk’s size value can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file.
The full list of fixes and changes are:
- Fixed: mp3 decoding errors at end of file (should fix reported CD burning errors)
- Fixed: [aacdec] Detection of parametric stereo for AAC files made with older encoders
- Fixed: [enc_fhgaac] MP4 encoder not always closing on errors or aborted transfers
- Fixed: [in_avi] Crashing with certain malformed AVI files
- Fixed: [in_flac & in_mp4] Memory leaks
- Fixed: [in_mod] Bounds check for comments parsing
- Fixed: [pmp] Multithreaded race condition (now supports thread-safe transfers)
- Fixed: [pmp_android] Embedded album art being deleted on transfers
- Misc: More general tweaks, improvements, fixes and optimizations
- Updated: [enc_fhgaac] Fraunhofer AAC Encoder v3.2.4
- Updated: [gen_jumpex] JTFE v1.2.5
Winamp 5.623 Full (US English version)
Winamp 5.623 Full (Multi-national installer)
Winamp 5.623 Pro (Multi-national version, asks for key during install)
Winamp 5.623 Lite (basic 2.x-style mp3/cd player)
0 reactions:
Post a Comment