BugTraq
Winamp 5.12 - 0day exploit - code execution through playlist Jan 30 2006 03:00PM
Process (processtree rootonfire org) (1 replies)
Re: Winamp 5.12 - 0day exploit - code execution through playlist Jan 30 2006 07:20PM
Chris Wysopal (weld vulnwatch org) (1 replies)

You can disable auto launching Winamp for playlist files as a workaround.

For Firefox, go to Tools / Options settings, click on Download icon, then
click on View & Edit Actions... Scroll down to M3U extension and then
push the Remove Action button. Firefox will no longer automatically
launch firefox for Winamp playlist files.

It is a good idea in general for attack surface reduction to trim down the
View & Edit actions to just the ones you need. Do you really need AIFF and
AU autolaunching for instance? What about all those Quicktime and Acrobat
formats? Looks like a lot of unnecessary attack surface to me.

For IE you need to disable the file type in Windows Explorer. Go to Tools
/ Folder Options / File Types. Scroll down to the file extension you want
to change. In this case its M3U. Check Confirm after download. You will
be prompted to launch WinAmp if a M3U file is downloaded. You can remove
the file type completely but that will also remove the ability to
double-click to launch playlists from the Windows shell.

You may want to go through this list and check confirm after download for
many file types. It would be nice if more vendors installed their file
types with this option in place.

-Chris

[ reply ]
Re: Winamp 5.12 - 0day exploit - code execution through playlist Jan 31 2006 09:49AM
bart sikkes (b sikkes gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus