WinXP and WinAmp Vulnerable to Malicious MP3s 505
mypenwry writes "Foundstone, a Mission Viejo, CA security
services company, is reporting several vulnerabilities that would allow malicious
code embedded in MP3 and WMA files to be executed via WinXP and WinAmp. WinAmp
versions 2.81 and 3.0 are vulnerable
to buffer overflows via certain long ID3v2 tags when MP3 files are loaded.
More troubling is the WinXP
vulnerability: A buffer overflow exists in Explorer's automatic reading
of MP3 or WMA (Windows Media Audio) file attributes in Windows XP. An attacker
could create a malicious MP3 or WMA file, that if placed in an accessed folder
on a Windows XP system, would compromise the system and allow for remote code
execution. The MP3 does not need to be played, it simply needs to be stored in
a folder that is browsed to, such as an MP3 download folder, the desktop, or a
NetBIOS share. This vulnerability is also exploitable via Internet Explorer by
loading a malicious web site. Explorer automatically reads file attributes regardless
of whether or not the user actually highlights, clicks on, reads, or opens the
file. Windows XP's Explorer will overflow if corrupted attributes exist within
the MP3 or WMA file. Microsoft
has issued a fix for this vulnerability. Nullsoft has posted fixed version of WinAmp 2.81 and 3.0 on their web site."
Don't worry (Score:4, Funny)
Subject : Name : AC (Score:3, Funny)
"hack me baby one more time" (Score:4, Funny)
Mike
Hrm... virus scanning my MP3 collection (Score:2, Funny)
Oh wait... it's a Windows problem... never mind...
RickTheWizKid
My purpose: to inject random comments...
Why does this matter to /.-ers? (Score:5, Funny)
Re:Buffer overflow yet again (Score:2, Funny)
Re:Uh Oh (Score:5, Funny)
NO CARRIER
Re:Buffer overflow yet again (Score:5, Funny)
Oh, wait a minute...
Dupe Poll! (Score:0, Funny)
A) 15 minutes
B) 1 hour
C) 2 hours
D) 6 hours
E) 1 day
New slogan for Microsoft... (Score:1, Funny)
Not a problem... (Score:2, Funny)
Wait a few months until the RIAA's trojanized files are well and truely spread throughout the P2P networks...
then use the thousands of trojanized nodes to DDOS the RIAA
*chuckle*
Suggestion: Operation So Happy It's Thursday (Score:5, Funny)
So, why not make it official - I propose
Operation: So Happy It's Thursday
What I recommend is that everybody who finds an exploit in Windows release it on Thursday.
NOTE: be fair - a bug in a Windows APP that is not a part of Windows doesn't count - so the bug in Winamp doesn't count, but the bug in the Windows shell does.
Re:Subject : Name : AC (Score:1, Funny)
It's a good think I have Linux (Score:5, Funny)
Snooty audiophiles (Score:4, Funny)
A snooty audiophile sneers at any form of digitization - "You aren't getting all of the music - Yes, I know you are sampling a 1GHz, 64 bits per sample, but you aren't getting all the music! Only analog gets all the music! I don't care that what you are missing wouldn't amount to the width of a hydrogen atom on my beloved LP - YOU AREN'T GETTING ALL THE MUSIC"
That's what a snooty audiophile would say.
Copy and Paste into your MP3s (Score:5, Funny)
20 Print "Bill Gates laughs as he rolls about with his concubines!"
30 Print "Prepare for judgement!"
40 Input "Press any key";A$
50 If A$="AnyKey" Then fucksomeshitup;
60 W00t: Poke InChest;
70 Run "BSOD.exe -Playfile BritneySpears,HitMeOneMoreTime"
80 Print "This is what it sounds like when doves cry! Bwahaha!"
90 Goto 10
You should be able to find this on SourceForge too.
Maybe my mind's in the gutter... (Score:4, Funny)
Re:Obvious reply (Score:5, Funny)
The correct phrasing of that is: File formats don't kill programs. Programs kill programs.
This must be the work of the RIAA (Score:2, Funny)
What's next for the RIAA? A virus on music CD's that is executed when played in computers. Obviously, allowing a CD to be played in a computer is the first step to it being pirated. Instead they'll allow it to play only in DRM CD players that will play 20 hours of music per license bought (each license will cost $20).
Please don't mod me down, I'm not trying to be flamebait, I'm being sarcastic
Re:So click the update button (Score:4, Funny)
What gives you the idea that they would reject a story for any of those reasons? That sounds like a description of the front page to me.
Too late! I've already seen those landmines :S (Score:2, Funny)
Re:Buffer overflow yet again (Score:3, Funny)
Re:Snooty audiophiles (Score:5, Funny)
Hence why audiophiles hate modern sound systems - it is far too easy to get great sound reproduction nowadays, and how are you to demonstrate how large you are when a $19 CD player sounds as good as your $3000 turntable?
That is why audiophiles use "oxygen-free copper wires with authentic virgin yak wool insulation, cryogenicly treated to release signal-distorting sub-micron strain! A steal at $300/ft! Act now, and we will throw in our patented Feng Shui turntable stones - five of these will disgronificate your turntable! Normally $150 each, but a steal at $800 for a set!"
I'm so torn... (Score:2, Funny)
True Audiophile cables! (Score:4, Funny)
That is why audiophiles use "oxygen-free copper wires with authentic virgin yak wool insulation, cryogenicly treated to release signal-distorting sub-micron strain! A steal at $300/ft! Act now, and we will throw in our patented Feng Shui turntable stones - five of these will disgronificate your turntable! Normally $150 each, but a steal at $800 for a set!"
Bah, $300/ft? Are you kidding?
From Purist Audio Design [puristaudiodesign.com]:
-------
Dominus Speaker Cables (1.5 Meter)
Stereo pair of Speaker cables with fluid jacket. For more information on product, see the Product Page. Item weight per pair is 14.0 lbs.
Price each: $10,460.00
-------
So, that's about $2500/ft.
Bwhaahaahahahaha!! /me wipes eyes.
And for the record, I am not an "audiophile". I'm an audio and broadcasting engineer.
-T