[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'
Notification of New Vulnerabilties to Windows Systems Fixlet Messages
winvulns-announcements at bigmail.bigfix.com
Fri Jul 27 05:22:00 PDT 2012
Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 312 Published: Thu, 26 Jul 2012 18:26:25 GMT
New Fixlets:
============
***************************************************************
Title: Memory corruption vulnerability in in_mod plugin in Winamp before 5.63
Severity: Medium
Fixlet ID: 1474801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14748.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3889
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.
***************************************************************
Title: Multiple buffer overflows in Winamp 5.541 and earlier
Severity: High
Fixlet ID: 1475601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14756.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0263
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file.
***************************************************************
Title: Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623
Severity: High
Fixlet ID: 1498101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval14981.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3834
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
***************************************************************
Title: Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates
Severity: High
Fixlet ID: 1522501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15225.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3441
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
***************************************************************
Title: Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623
Severity: High
Fixlet ID: 1535101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15351.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4857
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.
***************************************************************
Title: Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself
Severity: Medium
Fixlet ID: 1550401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15504.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4392
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
***************************************************************
Title: Heap memory corruption vulnerability in in_mod plugin in Winamp before 5.63
Severity: Medium
Fixlet ID: 1555301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15553.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3890
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.
***************************************************************
Title: Stack-based buffer overflow in Nullsoft Winamp 5.32
Severity: Medium
Fixlet ID: 1556201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15562.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6403
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certain menu option at the time of the attack.
***************************************************************
Title: Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541
Severity: High
Fixlet ID: 1565901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15659.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0833
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. NOTE: some of these details are obtained from third party information.
***************************************************************
Title: Vulnerability in Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552
Severity: High
Fixlet ID: 1568301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15683.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1831
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow.
***************************************************************
Title: Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31
Severity: High
Fixlet ID: 1568601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15686.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5567
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags.
***************************************************************
Title: Buffer overflow in Nullsoft Winamp 5.3
Severity: High
Fixlet ID: 1569701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15697.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2180
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file.
***************************************************************
Title: Integer overflow in IN_MOD.DLL in Winamp before 5.57
Severity: High
Fixlet ID: 1571501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15715.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3997
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57 might allow remote attackers to execute arbitrary code via an Oktalyzer file that triggers a heap-based buffer overflow.
***************************************************************
Title: Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541
Severity: Medium
Fixlet ID: 1571601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15716.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3567
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags.
***************************************************************
Title: Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57
Severity: High
Fixlet ID: 1574301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval15743.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4356
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo
Fixlet Description: Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitrary code via malformed (1) JPEG or (2) PNG data in an MP3 file.
More information about the WinVulns-Announcements
mailing list