Winamp 5.12 - 0day exploit - code execution through playlist

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Winamp 5.12 - 0day exploit - code execution through playlist
From: Process <processtree@xxxxxxxxxxxxxx>
Date: Mon, 30 Jan 2006 16:00:16 +0100
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Thunderbird 1.5 (Windows/20051201)

The current version of winamp contains an error in its playlist parsing 
allowing malicious users to
execute code via a prepared playlist.

This bug can even be triggered through a website - without user interaction - 
by linking to a pls
file in an IFRAME tag.

Windows DEP (Data Execution Prevention) will stop this bug. If you dont have 
DEP its strongly
advised to delete Winamp until a non vulnerable version is released.

More information (in german, babelfish is your friend :) at 
http://www.heise.de/newsticker/meldung/68981


Greets,
carol

<a href="http://www.tarifchecks.de/";>http://www.tarifchecks.de/</a>
<a 
href="http://autoversicherung.einsurance.de/";>http://autoversicherung.einsurance.de/</a>

Follow-Ups:
- Re: Winamp 5.12 - 0day exploit - code execution through playlist
  - From: Chris Wysopal

Prev by Date: Arescom NetDSL-1000 DoS atack source
Next by Date: Re: [Full-disclosure] [ GLSA 200601-15 ] Paros: Default administrator password
Previous by thread: Re: Arescom NetDSL-1000 DoS atack source
Next by thread: Re: Winamp 5.12 - 0day exploit - code execution through playlist
Index(es):
- Date
- Thread