BugTraq
Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist Jan 31 2006 06:30AM
Juha-Matti Laurio (juha-matti laurio netti fi)
Nullsoft has released a fixed version 5.13 now. Internet Storm Center
shared the information last night at
http://isc.sans.org/diary.php?storyid=1080
An official download link is
http://www.winamp.com/player/

- Juha-Matti

>
> You can disable auto launching Winamp for playlist files as a workaround.
>
> For Firefox, go to Tools / Options settings, click on Download icon, then
> click on View & Edit Actions... Scroll down to M3U extension and then
> push the Remove Action button. Firefox will no longer automatically
> launch firefox for Winamp playlist files.
>
> It is a good idea in general for attack surface reduction to trim down the
> View & Edit actions to just the ones you need. Do you really need AIFF and
> AU autolaunching for instance? What about all those Quicktime and Acrobat
> formats? Looks like a lot of unnecessary attack surface to me.
>
> For IE you need to disable the file type in Windows Explorer. Go to Tools
> / Folder Options / File Types. Scroll down to the file extension you want
> to change. In this case its M3U. Check Confirm after download. You will
> be prompted to launch WinAmp if a M3U file is downloaded. You can remove
> the file type completely but that will also remove the ability to
> double-click to launch playlists from the Windows shell.
>
> You may want to go through this list and check confirm after download for
> many file types. It would be nice if more vendors installed their file
> types with this option in place.
>
> -Chris

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus