|
|
Info |
Last Modified |
| 8 months ago |
|
|
|
|
Description |
WinAmp contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a user downloads a specifically crafted WinAmp skin from a malicious website. These skins are downloaded without prompting the user when using Internet Explorer. It is possible that the flaw may allow an attacker to to place and execute arbitrary programs resulting in a loss of confidentiality, integrity, or availability.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Information Disclosure,
Input Manipulation,
Misconfiguration
Impact:
Loss of Confidentiality,
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Technical |
Compressed WinAmp skin files (.wsz) include a file named skin.xml which allows other xml files to be referenced. These files can make use of the <browser> tag to reference .html files. These .html files caninclude an <object> tag with the "codebase" attribute to reference an executable (e.g. .exe) which will be executed in the browser's local zone. This allows an attacker to execute arbitrary code with the user's privileges.
|
|
Solution |
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s):
Don't download any untrusted WinAmp skins, particularly when using Internet Explorer.
|
|
Products |
|
WinAmp
 |
3.x |
5.0 |
5.0.4 |
5.0.3 |
5.0.2 |
5.0.1 |
|
|
|
|
Credit |
- K-OTik.COM Security Survey Team - Presse
 k-otik.com - K-OTik.COM Security Survey Team
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
