Winamp critical flaw
Date: January 31, 2006Source: InformationWeek
By:
The bug in Winamp 5.12 is "extremely critical," the most dire alert Danish-based Secunia uses. An attacker, said Secunia, can take complete control of a PC by getting a user to download a malicious audio playlist that uses a filename larger than about 1,040 bytes. Because Winamp automatically begins playing a playlist once it's download, hackers could easily attack PCs equipped with the music player.
A proof-of-concept exploit that's on the loose suggests using an iframe to trigger a 'drive-by' attack on users who visit a malicious site, added the SANS Institute's Internet Storm Center.
The widespread attacks against the Windows Metafile (WMF) vulnerability in December and January were largely based on sites exploiting iframe vulnerabilities to compromise PCs that had simply surfed to one of thousands of malicious sites. Those same sites could conceivably add this Winamp exploit to their arsenals.
Secunia recommended that users turn to alternate player programs, but Moscow-based Kaspersky Labs said that users could deflect attacks by setting Winamp's .pls file format to "Confirm open after download" using Windows' "Folder Options/File Types" dialog.
Original article
Add comment
Email to a Friend
