Winamp Skin Exploit in the Wild - Slashdot

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

×

Winamp Skin Exploit in the Wild 397

Posted by CmdrTaco on Thursday August 26, 2004 @03:29PM from the even-skins-are-dangerous-now dept.

An anonymous reader writes "Secunia.com has announced an exploit (derived from xml escaping the Internet zone into IE's local zone) that exploits Winamp's habit of automatically installing skins. Currently all versions of Winamp are affected. Details on the Winamp forums - apparently an exploit is already in the wild, and spreading."

This discussion has been archived. No new comments can be posted.

Winamp Skin Exploit in the Wild

Search 397 Comments Log In/Create an Account

Comments Filter:

yet another way... (Score:5, Funny)

by ryane67 ( 768994 ) writes: on Thursday August 26, 2004 @03:31PM (#10081476)

to compromise a system..

Luckily the masses of windows users are content to use windows media player which should slow the spread of this.

Share
twitter facebook
Damn you Britney! (Score:5, Funny)

by ZipR ( 584654 ) writes: on Thursday August 26, 2004 @03:31PM (#10081478)

I knew that your oh-so-sexy winamp skin would be my downfall.

Share
twitter facebook
Can I name the worm?? (Score:5, Funny)

by Lux ( 49200 ) writes: on Thursday August 26, 2004 @03:31PM (#10081488)

I propose "flensing."

Share
twitter facebook
Further evidence that skinning is stupid (Score:5, Funny)

by pestie ( 141370 ) writes: on Thursday August 26, 2004 @03:32PM (#10081492)

Seems to me I was just bitching about skinning [slashdot.org] and mentioned that security holes were one possible (but unlikely) down-side. I love when the universe makes my point for me.

Share
twitter facebook
As long as... (Score:3, Funny)

by Anonymous Coward writes: on Thursday August 26, 2004 @03:32PM (#10081499)

Just as long as the exploit isn't used to install SP2 were all safe.

Share
twitter facebook
Skinning is Worth It (Score:5, Funny)

by Anonymous Coward writes: on Thursday August 26, 2004 @03:43PM (#10081635)

Having to periodically wipe your system and reinstall from backups is a small price to pay for the ability to have your apps look like real equipment.
I mean, WinAmp can actually look like different kinds of real CD players! Can you believe that? It can look like all sorts of things; it doesn't have to look like a rectangular window at all. That just rocks! You can even change the way it looks at runtime! You can download whole new looks! Man, that is too cool.
Kudos to those guys. This is the kind of thing that really makes computing fun.

Share
twitter facebook
Re:Just another reason to use iTunes, I guess (Score:3, Funny)

by Anonymous Coward writes: on Thursday August 26, 2004 @03:45PM (#10081662)

I used to be a big fan of Winamp...but then I switched to iTunes and never looked back. Guess that's a good thing.
Good thing you never looked back. We're all pointing and laughing at you.

Parent Share
twitter facebook
Re:School must've just gotten out. (Score:5, Funny)

by machine of god ( 569301 ) writes: on Thursday August 26, 2004 @04:00PM (#10081829)

I notice the average vocabularical IQ drops about 50 points once 3pm EST hits.

vocabularical [reference.com].

I believe you were saying something?

Parent Share
twitter facebook
revenge (Score:5, Funny)

by bersl2 ( 689221 ) writes: on Thursday August 26, 2004 @04:01PM (#10081832) Journal

I'm pretty sure the llama is tired of getting its ass whipped.

Share
twitter facebook
Re:yet another way... (Score:5, Funny)

by black mariah ( 654971 ) writes: on Thursday August 26, 2004 @04:06PM (#10081877)

What can you do?

Well, when I'm dictator it will be legal to punch people in the face for doing stupid shit like that. Ought to help out a bit. Imagine a technician comes to your home, you tell them what's wrong and what you did... WHAM! A nice fist in the face. Hell of a deterrent, that.

Parent Share
twitter facebook
Re:Am I the only one... (Score:5, Funny)

by telstar ( 236404 ) writes: on Thursday August 26, 2004 @04:20PM (#10082013)

I dunno, but I like posts whose entire message changes if you neglect to read the subject.

Parent Share
twitter facebook
The RIAA press release.... (Score:3, Funny)

by endersdouble ( 719120 ) writes: on Thursday August 26, 2004 @04:44PM (#10082242)

Not only does evil P2P software break the law, it helps infect your computer! A program called Winamp, used by illegal copyright infringers to play their music files called MP3s, has a security hole allowing evil hackers to enter your system! We need to band together to ban this evil and dangerous Winamp program. Remember, no matter what, it is WRONG to use Winamp to play downloaded MP3s--and now, it is dangerous. Respect copyrights; uninstall Winamp.

Share
twitter facebook
Is calculator safe? (Score:5, Funny)

by rs79 ( 71822 ) writes: <hostmaster@open-rsc.org> on Thursday August 26, 2004 @04:45PM (#10082255) Homepage

In related news, our editors today learned of the calc_virus; remote explotation of Windows Calculator utility is possible and attackers can gain access to your machine via this program. The announcment that MS recommends you use an abacus was heralded as a remarkable advance in system security

Parent Share
twitter facebook
Re:Damn you Britney! (Score:3, Funny)

by Anonymous Coward writes: on Thursday August 26, 2004 @05:04PM (#10082399)

I think this we can blame Frank Sinatra for this one though...

I've got you under my skin
I've got you deep in the heart of me
So deep in my heart, that you're really a part of me
I've got you under my skin

Parent Share
twitter facebook
Re:yet another way... (Score:3, Funny)

by Carnildo ( 712617 ) writes: on Thursday August 26, 2004 @05:38PM (#10082701) Homepage Journal

I'm using Winamp 2 skins on XMMS. Am I vulnerable to this?

Parent Share
twitter facebook
Re:Just another reason to use iTunes, I guess (Score:2, Funny)

by Anonymous Coward writes: on Thursday August 26, 2004 @06:33PM (#10083105)

Yes, let us keep score.

Winamp gayness: 0
iTunes gayness: 1,000,000,000,OMG,LOL,000

Parent Share
twitter facebook
Re:yet another way... (Score:3, Funny)

by shish ( 588640 ) writes: on Thursday August 26, 2004 @07:05PM (#10083335) Homepage

I think the safest thing to do would be to use Winamp 4; no exploits for that :)

Parent Share
twitter facebook
Re:Damn you Britney! (Score:4, Funny)

by argStyopa ( 232550 ) writes: on Thursday August 26, 2004 @11:48PM (#10085159) Journal

I knew that your oh-so-sexy winamp skin would be my downfall.
Well duh.

Pretty Girl + Virus = trouble in just about any context.

Throw "wife" into the equation and the result may be expressed both in terms of $$ and an unreal number.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

413 commentsChatGPT Leans Liberal, Research Shows
347 commentsAmazon CEO Says 'It's Probably Not Going To Work Out' For Employees Who Defy Return-to-Office Policy
327 commentsHotel Owners Start To Write Off San Francisco as Business Nosedives
323 commentsChina is Building Nuclear Reactors Faster Than Any Other Country
315 commentsChina is Calling in Loans To Dozens of Countries

If you have a procedure with 10 parameters, you probably missed some.