In association with heise online

10 April 2007, 16:02

Several holes in Winamp

The Winamp media player by AOL Nullsoft is a potential entry point for malware. According to several advisories by security specialist Piotr Bania, version 5.33 may overwrite memory structures and crash when it processes manipulated files in the MATLAB (extension .MAT), Impulse Tracker (.IT) and ScreamTracker 3 (.S3M) formats. Bania also says that attackers might be able to exploit these holes to inject arbitrary malicious code via the Internet.

Older Winamp versions probably contain these programming errors as well. So far, no patched version has been provided for download on the Winamp site. Until an update is published, users of this media player should be extremely careful with the affected file formats and should not open Internet links to such files unless they come from a trusted source.

Users are also advised to remove the file associations between Winamp and the three file formats mentioned, so that such files are not opened automatically. Users of the full, bundle and pro versions should also completely disable the module in_mod.dll under "Preferences/Plug-ins/Input".
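To verify that the associations are really gone, the following PowerShell check (an added example, not part of the original article or of any vendor guidance) lists every shell verb still registered for the three extensions and flags those whose command line points at Winamp. It reads the merged HKEY_CLASSES_ROOT view and assumes that a Winamp handler can be recognised by the string "winamp" in its command line.

```powershell
# Added example: audit file associations for the formats named in the advisory.
# Assumption: a Winamp handler is recognisable by "winamp" in its shell command line.
$extensions = '.mat', '.it', '.s3m'

function Get-DefaultValue {
    # Returns the (Default) value of a registry key, or $null if the key is absent.
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    (Get-Item -LiteralPath $Path).GetValue('')
}

function Get-HandlerCommands {
    # Resolves extension -> ProgID -> every verb under shell\<verb>\command.
    # All verbs are checked because the default verb is not necessarily "open".
    param([string]$Extension)
    $progId = Get-DefaultValue "Registry::HKEY_CLASSES_ROOT\$Extension"
    if (-not $progId) { return }
    $shellKey = "Registry::HKEY_CLASSES_ROOT\$progId\shell"
    if (-not (Test-Path -LiteralPath $shellKey)) { return }
    foreach ($verb in Get-ChildItem -LiteralPath $shellKey) {
        $cmd = Get-DefaultValue "$($verb.PSPath)\command"
        if ($cmd) {
            [pscustomobject]@{
                Extension = $Extension
                ProgId    = $progId
                Verb      = $verb.PSChildName
                Command   = $cmd
            }
        }
    }
}

$findings = foreach ($ext in $extensions) { Get-HandlerCommands $ext }
$stillWinamp = @($findings | Where-Object { $_.Command -match 'winamp' })

if ($stillWinamp.Count -gt 0) {
    Write-Warning 'These extensions are still handled by Winamp:'
    $stillWinamp | Format-Table -AutoSize -Wrap
} else {
    'No Winamp handler is registered for .mat, .it or .s3m.'
}
```

The check covers only the file associations; disabling in_mod.dll is a setting inside Winamp and is not inspected here.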
