[VIM] Winamp security vagueness
Steven M. Christey
coley at mitre.org
Thu Jun 22 03:08:35 EDT 2006
Ref:
http://www.winamp.com/player/version_history.php
Changelog entry for 5.24 says:
* Fixed: [in_midi] crash bug & potential security vulnerability
But, we also have changelog for 5.22:
* Fixed: [in_midi] corrupt header crash
so, maybe we have one labeled security issue for 5.24, and another
that smells like at least a crasher, thus an issue for some vdb's, in
5.22.
But, let's toss in the Fortinet advisory just for fun:
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-16.html
which says there's an overflow in in_midi.dll...
... which might argue for the 5.24 Winamp changelog entry since that's
labeled as a "potential" security vulnerability...
except they also say "This vulnerability affects v5.21 and prior" and
"This vulnerability was first reported to the vendor on April 19th."
... which argues for the 5.22 Winamp changelog.
and to keep things fun, we get a separate milw0rm exploit:
http://www.milw0rm.com/exploits/1935
which is for Winamp 5.21, but without any other versions stated, so
could apply to either.
Which changelog entry is for the Fortinet advisory? Which for the
milw0rm advisory? Are there 1, 2, or 3 issues?
- Steve
More information about the VIM
mailing list