Users login

Create an account »


Users login

Home » Hacking News » Nullsoft Winamp Skin Predictable File Location Vulnerability

Nullsoft Winamp Skin Predictable File Location Vulnerability

by Nikola Strahija on July 21st, 2002 Nullsoft Winamp is a skinable media player for Microsoft Windows supporting MP3 and other filetypes. By default, Winamp skin files are given the .wsz extension. When installed, a skin file is placed in a predictable location within the installation directory of Winamp. An attacker may exploit this vulnerability to place malicious content in a known location. A URL reference to the file may then cause malicious content or code to be executed within local context.

Remote: Yes

Exploit: An exploit has been provided by "Jelmer" . This exploit will run arbitrary code on vulnerable systems, and should be treated appropriately.

At the time of this analysis, the website was unreachable.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »