Slashdot Mirror

← Back to Stories (view on slashdot.org)

WinAmp Security Hole Discovered, Patched

Posted by simoniker on from the cha-cha-oops dept.

Sbarbero writes "According to Techworld.com, a significant security hole has been discovered in NullSoft's WinAmp, meaning everyone should upgrade to the 5.03 version the makers have just put out right now. Security company NGS has found that the exploit 'can be activated remotely simply by rendering a specially crafted html document' and will run arbitrary code - they have a full advisory on their site." Oddly enough, the vulnerability is in the playback for the classic .XM 'tracker' music format.

3 of 393 comments (clear)

  1. The un-informed masses/File checking built in(?) by adamgreenfield · · Score: 1, Offtopic

    Guess this means I need to mass e-mail friends and family still using Kazaa and Kazaa-like tools for filesharing. I know that newer versions of Kazaa come with some sort of file scanning tool, anyone know if that picks this sort of stuff up? (or will after the definitions are updated)

    --
    -Adam C. Greenfield
  2. Re:Hypocrisy by VivianC · · Score: 0, Offtopic

    The subtle irony of your post should rank at least a "Funny" mod or two. You were trying to be dryly ironic, right?

    --
    Viv

    Gmail invites for ip
  3. Justin did this on purpose... by yoho_jones · · Score: 0, Offtopic

    ALL PHEAR THE FRANKEL!!!

    Step 1: Create a program everyone uses with a security flaw.
    Step 2: Leave the company you made it with.
    Step 3: TAKE OVER THE WORLD!