Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Winamp 0-day

Published: 2007-05-02
Last Updated: 2007-05-02 02:26:45 UTC
by Chris Carboni (Version: 1)
0 comment(s)
A remote code execution vulnerability and exploit for Winamp 5.34 has been released.

The vulnerability exists within Winamp's MP4 decoding.  Successful exploitation will allow an attacker to execute arbitrary code under the context of the logged in user.

After install Winamp is associated with .MP4 files. However, Winamp does not open .MP4 files embedded within websites. This forces would-be attackers to deliver the .MP4 directly to the user’s host. E-mail or a website link that would require the download of the .MP4 file in order to play are the most likely exploit vectors.

Removal of the association of .MP4 files to Winamp will mitigate this vulnerability until a vendor supplied patch is available.

0 comment(s)
Diary Archives