Josh Merchant([EMAIL PROTECTED])@Sun, Apr 01, 2001 at 12:39:55PM -0500:
> > Hi all,
> >
> > I have written a full disclosure buffer overflow
> > exploit for the winamp 2.63 buffer overflow found in
> > the M3U file parser...
>
> [Snip]
>
> Correct me if I'm wrong, but wasn't this issue already discussed back in
> July of 2000? I (admittedly) do not understand all the nuances of a buffer
> overflow, but it seems to me that the posting
>
> http://www.securityfocus.com/archive/1/70933
>
> from the Bugtraq archives deal with the exact same issue.
>
> Also, after checking the whatsnew.txt for Winamp, this security hole was
> patched in version 2.65
>
Just thought I'd throw in what the WinAMP whatsnew.txt says.
Winamp 2.65:
* fix to ex-m3u bug/security hole
