BID:30539

Winamp 'NowPlaying' MP3 Tag Cross-Site Scripting Vulnerability

Info

Winamp 'NowPlaying' MP3 Tag Cross-Site Scripting Vulnerability

Bugtraq ID:	30539
Class:	Input Validation Error
CVE:	CVE-2008-3567
Remote:	Yes
Local:	No
Published:	Aug 04 2008 12:00AM
Updated:	May 07 2015 05:25PM
Credit:	Yair Amit
Vulnerable:	NullSoft Winamp 5.54

Not Vulnerable:	NullSoft Winamp 5.541

Discussion

Winamp 'NowPlaying' MP3 Tag Cross-Site Scripting Vulnerability

Winamp is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary script code within a specific domain, and to access functions used to control the vulnerable application.

This issue affects versions prior to Winamp 5.541.

Exploit / POC

Winamp 'NowPlaying' MP3 Tag Cross-Site Scripting Vulnerability

An attacker may exploit this issue using commonly available tools.

Solution / Fix

Winamp 'NowPlaying' MP3 Tag Cross-Site Scripting Vulnerability

Solution:
The vendor has released updates. Please see the references for more information.

NullSoft Winamp 5.54

NullSoft winamp5541_full_en-us.exe
http://download.nullsoft.com/winamp/client/winamp5541_full_en-us.exe

NullSoft winamp5541_lite_en-us.exe
http://download.nullsoft.com/winamp/client/winamp5541_lite_en-us.exe

NullSoft winamp5541_pro_all.exe
http://download.nullsoft.com/winamp/client/winamp5541_pro_all.exe

References

Winamp 'NowPlaying' MP3 Tag Cross-Site Scripting Vulnerability

References:

Winamp "NowPlaying" Unspecified Vulnerability: The Details (Yair Amit)
Winamp 5.541 Released (NullSoft)
Winamp Home Page (NullSoft)