[Dshield] RE: Winamp 2.91 lets code execution through MIDI files

Thor Larholm thor at pivx.com
Mon Sep 8 22:36:30 GMT 2003


As was the case with Windows Media Player, when you install Winamp the
registry settings for MIDI files are set to automatically open the file
in the associated program. As such, this is also automatically
exploitable through webpages and HTML mail.



Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher

-----Original Message-----
From: Auriemma Luigi 
Sent: Monday, September 08, 2003 12:19 PM
Subject: Winamp 2.91 lets code execution through MIDI files

<snip http://aluigi.altervista.org/adv/winamp-midi-adv.txt>




More information about the list mailing list