INTERACT FORUM

More => Old Versions => Media Jukebox => Topic started by: 511PF on December 19, 2002, 08:11:45 am

Title: MP3 and WMA Buffer Overflow
Post by: 511PF on December 19, 2002, 08:11:45 am

There is an buffer overflow in the way ID3v2 tags are handled in Windows Media Player and Winamp 2.81 and Winamp 3.0.  This is a a serious vulnerability that allows remote code execution.  The vulnerability is described here:

http://www.foundstone.com/knowledge/randd-advisories-display.html?id=338

Is MediaJukeBox vulnerable?  If so, when should we expect a patch?

Thanks guys.

Title: Re: MP3 and WMA Buffer Overflow
Post by: John Gateley on December 19, 2002, 08:58:57 am

This exploit is targeted at Winamp. We know of no buffer-overruns in  Media Jukebox.

j