Winamp skin file arbitrary code execution vulnerability

Today at Secunia we can read this warning for Winamp and
IE6 users. Apparently the code is out in the wild and can work when a malicious website crafts a special Winamp skin to place and execute arbitrary programs on the unsuspecting users machine, via automatic installation. Here is the quote from the security website.

Description:
A vulnerability has been reported in Winamp, which can be exploited by malicious people to compromise a user's system.

The problem is caused due to insufficient restrictions on Winamp skin zip files (.wsz). This can e.g. be exploited by a malicious website using a specially crafted Winamp skin to place and execute arbitrary programs. With Internet Explorer this can be done without user interaction.

An XML document in the Winamp skin zip file can reference a HTML document using the "browser" tag and get it to run in the "Local computer zone". This can be exploited to run an executable program embedded in the Winamp skin file using the "object" tag and the "codebase" attribute.

NOTE: The vulnerability is reportedly being exploited in the wild.

The vulnerability has been confirmed on a fully patched system with Winamp 5.04 using Internet Explorer 6.0 on Microsoft Windows XP SP1.

Solution:
Use another product.

Looks like
programs that get too popular will be targeted the same as an OS. I don't know what product I like better than Winamp for playing MP3's. But, I suppose they will plug this up pretty quick. Let's hope so. Of course it may be Microsofts problem too. If you are a member of the Winamp Forums you can login over there for additional information as it comes along. If you see or hear any more on this, please post it here or in our News Submittal System. We need on stay on top of this as Winamp is used by so many.

Source: Secunia

No posts to display