Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Winamp 0-day - SANS Internet Storm Center SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Winamp 0-day
A remote code execution vulnerability and exploit for Winamp 5.34 has been released.

The vulnerability exists within Winamp's MP4 decoding.  Successful exploitation will allow an attacker to execute arbitrary code under the context of the logged in user.

After install Winamp is associated with .MP4 files. However, Winamp does not open .MP4 files embedded within websites. This forces would-be attackers to deliver the .MP4 directly to the user’s host. E-mail or a website link that would require the download of the .MP4 file in order to play are the most likely exploit vectors.

Removal of the association of .MP4 files to Winamp will mitigate this vulnerability until a vendor supplied patch is available.


140 Posts

Sign Up for Free or Log In to start participating in the conversation!