|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 444 CVE : CVE-2006-0708 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Exploit Available : Yes Credit : Sowhat Published : 17.02.2006
Advisory Content : Winamp .m3u Remote Buffer Overflow Vulnerability (0day) by Sowhat Discovery: 2005.07.21 Pubulished: 2006.02.16 http://secway.org/advisory/AD20060216.txt Affected: Winamp All versions (including 5.13) Overview: WinAMP is a popular media player that supports various media and playlist formats, including playlists in m3u or pls format. This bug was found during Reading the following Advisory by tombkeeper@NSFOCUS http://www.nsfocus.com/english/homepage/research/0501.htm PoC.m3u #EXTM3U #EXTINF:5,demo cda://demoAAAAAAAAAAAAAAAAAAAAAA[...about 3600?...]AAAAAAAAAAAAAA.mp3 btw: Alan McCaig (b0f) published a similar 0day vulnerability today, so I think it's time to PUB this lame advisory tooooo. see: http://www.frsirt.com/english/advisories/2006/0613 WORKAROUND: No WORKAROUND this time. plz check the vendor's website for update OR, dont use Winamp ;) Greetings to tombkeeper,killer,baozi, all 0x557 & XFOCUS guys -- Sowhat http://secway.org "Life is like a bug, Do you know how to exploit it ?"  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |