ID CVE-2004-0820
Summary Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
References
Vulnerable Configurations
  • Nullsoft Winamp 2.10
    cpe:2.3:a:nullsoft:winamp:2.10
  • cpe:2.3:a:nullsoft:winamp:2.24
    cpe:2.3:a:nullsoft:winamp:2.24
  • cpe:2.3:a:nullsoft:winamp:2.4
    cpe:2.3:a:nullsoft:winamp:2.4
  • cpe:2.3:a:nullsoft:winamp:2.50
    cpe:2.3:a:nullsoft:winamp:2.50
  • cpe:2.3:a:nullsoft:winamp:2.5e
    cpe:2.3:a:nullsoft:winamp:2.5e
  • cpe:2.3:a:nullsoft:winamp:2.60:-:full
    cpe:2.3:a:nullsoft:winamp:2.60:-:full
  • cpe:2.3:a:nullsoft:winamp:2.60:-:lite
    cpe:2.3:a:nullsoft:winamp:2.60:-:lite
  • cpe:2.3:a:nullsoft:winamp:2.61:-:full
    cpe:2.3:a:nullsoft:winamp:2.61:-:full
  • cpe:2.3:a:nullsoft:winamp:2.62:-:standard
    cpe:2.3:a:nullsoft:winamp:2.62:-:standard
  • cpe:2.3:a:nullsoft:winamp:2.64
    cpe:2.3:a:nullsoft:winamp:2.64
  • cpe:2.3:a:nullsoft:winamp:2.64:-:standard
    cpe:2.3:a:nullsoft:winamp:2.64:-:standard
  • cpe:2.3:a:nullsoft:winamp:2.65
    cpe:2.3:a:nullsoft:winamp:2.65
  • cpe:2.3:a:nullsoft:winamp:2.70
    cpe:2.3:a:nullsoft:winamp:2.70
  • cpe:2.3:a:nullsoft:winamp:2.70:-:full
    cpe:2.3:a:nullsoft:winamp:2.70:-:full
  • cpe:2.3:a:nullsoft:winamp:2.71
    cpe:2.3:a:nullsoft:winamp:2.71
  • cpe:2.3:a:nullsoft:winamp:2.72
    cpe:2.3:a:nullsoft:winamp:2.72
  • cpe:2.3:a:nullsoft:winamp:2.73
    cpe:2.3:a:nullsoft:winamp:2.73
  • cpe:2.3:a:nullsoft:winamp:2.73:-:full
    cpe:2.3:a:nullsoft:winamp:2.73:-:full
  • cpe:2.3:a:nullsoft:winamp:2.74
    cpe:2.3:a:nullsoft:winamp:2.74
  • cpe:2.3:a:nullsoft:winamp:2.75
    cpe:2.3:a:nullsoft:winamp:2.75
  • cpe:2.3:a:nullsoft:winamp:2.76
    cpe:2.3:a:nullsoft:winamp:2.76
  • cpe:2.3:a:nullsoft:winamp:2.77
    cpe:2.3:a:nullsoft:winamp:2.77
  • cpe:2.3:a:nullsoft:winamp:2.78
    cpe:2.3:a:nullsoft:winamp:2.78
  • cpe:2.3:a:nullsoft:winamp:2.79
    cpe:2.3:a:nullsoft:winamp:2.79
  • cpe:2.3:a:nullsoft:winamp:2.80
    cpe:2.3:a:nullsoft:winamp:2.80
  • cpe:2.3:a:nullsoft:winamp:2.81
    cpe:2.3:a:nullsoft:winamp:2.81
  • Nullsoft Winamp 2.91
    cpe:2.3:a:nullsoft:winamp:2.91
  • cpe:2.3:a:nullsoft:winamp:3.0
    cpe:2.3:a:nullsoft:winamp:3.0
  • cpe:2.3:a:nullsoft:winamp:3.1
    cpe:2.3:a:nullsoft:winamp:3.1
  • Nullsoft Winamp 5.01
    cpe:2.3:a:nullsoft:winamp:5.01
  • Nullsoft Winamp 5.02
    cpe:2.3:a:nullsoft:winamp:5.02
  • Nullsoft Winamp 5.03
    cpe:2.3:a:nullsoft:winamp:5.03
  • Nullsoft Winamp 5.04
    cpe:2.3:a:nullsoft:winamp:5.04
CVSS
Base: 4.6 (as of 15-06-2005 - 14:22)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
description Winamp. CVE-2004-0820. Remote exploit for windows platform
id EDB-ID:418
last seen 2016-01-31
modified 2004-08-25
published 2004-08-25
reporter Petrol Designs
source https://www.exploit-db.com/download/418/
title Winamp <= 5.04 - Skin File .wsz Remote Code Execution Exploit
nessus via4
NASL family Windows
NASL id WINAMP_WSZ_OVERFLOW.NASL
description The remote host is using Winamp, a popular media player which handles many files format (mp3, wavs and more...) The remote version of this software is vulnerable to a code execution flaw when processing a malformed .WSZ Winamp Skin file. An attacker may exploit this flaw by sending a malformed .wsz file to a victim on the remote host, and wait for him to load it within Winamp.
last seen 2019-02-21
modified 2018-11-15
plugin id 16204
published 2005-01-19
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=16204
title Winamp < 5.0.5 Skin File (.WSZ) Local Zone Arbitrary Code Execution
refmap via4
auscert ESB-2004.0537
misc http://www.frsirt.com/exploits/08252004.skinhead.php
secunia 12381
xf winamp-wsz-execute-code(17124)
Last major update 05-09-2008 - 16:39
Published 28-08-2004 - 00:00
Last modified 10-07-2017 - 21:30
Back to Top