Last Updated: 2006-01-31 16:58:57 UTC
by Ed Skoudis (Version: 3)
remote code execution via a crafted playlist (.pls) file. The proof-of-concept exploit suggests using an
iframe to trigger a 'drive-by' attack on anyone unlucky enough to visit a website containing a malicious
iframe; say, third-party advertisers and forum websites--the usual vectors for this sort of thing.
Secunia's got a nice writeup of it here.
Update 21:22 UTC : Now that's what I call service! There's a new version of winamp out today, version 5.13,
which you can download now. Further research has shown that the workarounds can be bypassed, so don't
bother. Just update.
Update Jan 31: There's a sploit in the wild for this one. Have you patched yet? The kiddies will come a-callin' soon. --Ed.