Electronic Punk Posted October 9, 2002 Share Posted October 9, 2002 The version number is identical as the previous version and generally it is identical. The file size will be smaller because the AOD (AOL On Desktop) has been removed and a flaw has also been plugged: http://online.securityfocus.com/archive/1/...29/2002-10-05/0 Winamp 3 skin files are *.WAL and are automatically opened by MSIE. They are actually ZIP files with altered extension. They contain pictures and configuration files used by wsabi (Winamp skinning system). Wsabi engine is implemented inside wasabi.dll and is designed to provide very configurable, OS-independant system for building skinnable applications, quickly and easily (that's the reason why wsabi.dll is 800K big). A buffer overflow inside wsabi.dll may occur if tag is altered with extremely huge value for file PATH (btw, MAX_PATH on win32 is defined to be only 512B). This can allow the execution of arbitrary code inside the address space of Winamp. Wsabi filters most non- printable characters but specially designed shellcode will still pass through. Download: Winmap 3.0 Build 488 Update: Just incase you don't believe me :) http://www.xp-erience.org/comments.php?id=854 Link to comment Share on other sites More sharing options...
Toxikk Veteran Posted October 10, 2002 Veteran Share Posted October 10, 2002 finally. a new build. been waiting for one for a while. Link to comment Share on other sites More sharing options...
ibetheone Posted October 10, 2002 Share Posted October 10, 2002 Nice work Electronic Punk, I also have been waiting for a new build too. Link to comment Share on other sites More sharing options...
Electronic Punk Posted October 10, 2002 Author Share Posted October 10, 2002 This is not really a new version guys :( The mods at winamp have had 489 for a while and 490 will be the next public beta... with the following new features and no doubt more :) : http://www.winamp.com/nsdn/winamp3x/news/b.../betanews.jhtml This is just small patch to remove a serious vulnerability... more waiting required :D Link to comment Share on other sites More sharing options...
kryptonik Posted October 10, 2002 Share Posted October 10, 2002 Anything major? Link to comment Share on other sites More sharing options...
Electronic Punk Posted October 10, 2002 Author Share Posted October 10, 2002 well teh next patch will be, but this solves a buffer vulnerability. Link to comment Share on other sites More sharing options...
Toxikk Veteran Posted October 10, 2002 Veteran Share Posted October 10, 2002 is there a link for build 489? Link to comment Share on other sites More sharing options...
Electronic Punk Posted October 10, 2002 Author Share Posted October 10, 2002 No its a private internal beta, last I heard is that 490 will be the next public beta. 489 has many broken features. Link to comment Share on other sites More sharing options...
RockHound Posted October 10, 2002 Share Posted October 10, 2002 Hi, been checking http://www.winamp.com/nsdn/winamp3x/news/b.../betanews.jhtml for a while, and nothing seems to be happening ... I think the Winamp guys should inform us a little more. I mean, it's not too hard to post the changelog online... :) Oh well, let's see what will reach us in the future. Greetz, RockHound Link to comment Share on other sites More sharing options...
Recommended Posts