Информационная безопасность
[RU] switch to English


Уязвимости безопасности в WinAmp
Опубликовано:8 июля 2013 г.
Источник:
SecurityVulns ID:13157
Тип:клиент
Уровень опасности:
5/10
Описание:Переполнение буфера, обращение по неинициализированному указателю.
Затронутые продукты:WINAMP : WinAmp 5.63
CVE:CVE-2013-4695
 CVE-2013-4694 (Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local.dll was also reported. However, since it is only exploitable by the user of the application, this issue would not cross privilege boundaries unless Winamp is running under a highly restricted environment such as a kiosk.)
Оригинальный текстdocumentInshell Security, [CVE-2013-4695] WinAmp v5.63 gen_ff.dll links.xml Value Parsing Invalid Pointer Dereference (08.07.2013)
 documentInshell Security, [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows (08.07.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород