It would seem that I opened up a can of worms when i created my icq + msie advisory the other day Wich presented a new way to execute arbitrary code on a users machine winamp is equally vulnerable Winamps starts skin files with the extention wsz and the mime type interface/x-winamp-skin automaticly and saves it in a know location on the users harddisk namely : C:\Program Files\Winamp\Skins example at : http://kuperus.xs4all.nl/winamp.htm tested on version 2.80 of winamp, but other versions are likely to be affected aswell I believe a great number of programs to be vulnerable to this exploit and would currently recommend going through the filetypes (open windows explorer not internet explorer , then goto tools > folder options > file types and disable ALL extentions that have their default action set to open. I really can't tell how many programs are affected but there seem to be quite a few. This is really quite a severe vulnerability as basicly anyone with basic computer knowlage can exploit this
This archive was generated by hypermail 2b30 : Thu Jul 18 2002 - 09:45:09 PDT