Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
Software | From | Fixed in |
---|---|---|
nullsoft / winamp | 2.10 | 2.10.x |
nullsoft / winamp | 2.24 | 2.24.x |
nullsoft / winamp | 2.4 | 2.4.x |
nullsoft / winamp | 2.50 | 2.50.x |
nullsoft / winamp | 2.5e | 2.5e.x |
nullsoft / winamp | 2.60 | 2.60.x |
nullsoft / winamp | 2.61 | 2.61.x |
nullsoft / winamp | 2.62 | 2.62.x |
nullsoft / winamp | 2.64 | 2.64.x |
nullsoft / winamp | 2.65 | 2.65.x |
nullsoft / winamp | 2.70 | 2.70.x |
nullsoft / winamp | 2.71 | 2.71.x |
nullsoft / winamp | 2.72 | 2.72.x |
nullsoft / winamp | 2.73 | 2.73.x |
nullsoft / winamp | 2.74 | 2.74.x |
nullsoft / winamp | 2.75 | 2.75.x |
nullsoft / winamp | 2.76 | 2.76.x |
nullsoft / winamp | 2.77 | 2.77.x |
nullsoft / winamp | 2.78 | 2.78.x |
nullsoft / winamp | 2.79 | 2.79.x |
nullsoft / winamp | 2.80 | 2.80.x |
nullsoft / winamp | 2.81 | 2.81.x |
nullsoft / winamp | 2.91 | 2.91.x |
nullsoft / winamp | 3.0 | 3.0.x |
nullsoft / winamp | 3.1 | 3.1.x |
nullsoft / winamp | 5.01 | 5.01.x |
nullsoft / winamp | 5.02 | 5.02.x |
nullsoft / winamp | 5.03 | 5.03.x |
nullsoft / winamp | 5.04 | 5.04.x |