AfterDawn > News > WinAMP skin exploit in the wild

WinAMP skin exploit in the wild

Written by Petteri Pyyny @ 26 Aug 2004 14:04 User comments (4)

WinAMP skin exploit in the wild Security site Secunia has issued a warning about a security exploit using WinAMP skins. The problem is within WinAMP's skin zip files' (.wsz files) insufficient restrictions to control what can be launched from skin file's XML "browser" tag.
With this exploit, a skin file can launch executable programs when used with WinAMP, thus allowing malicious WinAMP skins to be created that can do virtually anything with user's computer. At the moment the solution to the problem is to use some other media player instead of WinAMP. The vulnerability has already been found in the wild.

Source: Secunia


More news

<Japanese record industry raided >Indie music e-store launched in the UK

Related news

Write a comment

4 user comments

127.8.2004 5:12
Ghostdog
Send private message to this user
Senior Member

This doesn´t affect Winamp 2.80, does it?

227.8.2004 23:16
LlamaKing
Send private message to this user
Newbie

This issue is now resolved with the latest release of Winamp. All users are advised to upgrade to Winamp 5.05 asap! http://www.winamp.com/player/ Changelog: http://www.winamp.com/player/version_history.php More info: http://forums.winamp.com/showthread.php?threadid=191604 http://forums.winamp.com/showthread.php?threadid=190902

327.8.2004 23:17
LlamaKing
Send private message to this user
Newbie

News Article: Winamp Security Bulletin http://www.winamp.com/about/article.php?aid=10605

428.8.2004 9:01
Toiletman
Send private message to this user
Senior Member

It doesn't affect you if you don't use skins right?

Comment this article

If you do not have an AfterDawn.com account yet, please enter your nickname and email address below. An activation link will be emailed to you.

If you already have an AfterDawn.com account, please login using the next tab.

Login by using your Afterdawn.com -username or your email address.

Bold Italics Red color Quote Code Add image Add URL




Latest news

Hasbro to create toy based on Zynga games Hasbro to create toy based on Zynga games (09 Feb 2012 23:16)
Hasbro and Zynga have announced today a partnership in which the toy giant will create toys and games based on Zynga's social games and brands. With over 230 million monthly users, Zynga's ....
Samsung expects to sell 25 million 'smart' TVs this year Samsung expects to sell 25 million 'smart' TVs this year (09 Feb 2012 22:23)
Samsung has noted today that it expects to sell over 25 million "smart" TVs this year. Overall, the company expects to sell 50 million TVs this year. Samsung's "smart TVs" are Internet-enabled, ....
Kodak to stop making digital cameras Kodak to stop making digital cameras (09 Feb 2012 21:58)
Kodak has announced it will stop making digital cameras in an effort to focus on its more profitable businesses. Additionally, the company will also stop making digital picture frames. Both ....
More rumors: Apple to release 7-inch iPad this year, as well More rumors: Apple to release 7-inch iPad this year, as well (09 Feb 2012 19:56)
Analyst Erza Gottheil of Technology Business Research has suggested today that Apple could launch a 7-inch version of its iPad tablet this year. The analyst, just like others in the industry, ....
6 user comments
Microsoft defends Windows 8 walled garden for ARM Microsoft defends Windows 8 walled garden for ARM (09 Feb 2012 18:23)
Microsoft's response to rumors about Windows On ARM tablets suggests they will be more like Windows Phones for PCs.
1 user comment

Latest user comments

News archive

Subscribe to AfterDawn's weekly newsletter.

Popular products:

Hot forum topics right now:

More information:

© 1999-2012 AfterDawn Oy rev4585 (33ms)

For information about advertising on AfterDawn.com, please contact our media sales team.