Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Winamp | Nullsoft | 2.4 (including) | 2.4 (including) |
Winamp | Nullsoft | 2.5e (including) | 2.5e (including) |
Winamp | Nullsoft | 2.10 (including) | 2.10 (including) |
Winamp | Nullsoft | 2.24 (including) | 2.24 (including) |
Winamp | Nullsoft | 2.50 (including) | 2.50 (including) |
Winamp | Nullsoft | 2.60 (including) | 2.60 (including) |
Winamp | Nullsoft | 2.61 (including) | 2.61 (including) |
Winamp | Nullsoft | 2.62 (including) | 2.62 (including) |
Winamp | Nullsoft | 2.64 (including) | 2.64 (including) |
Winamp | Nullsoft | 2.65 (including) | 2.65 (including) |
Winamp | Nullsoft | 2.70 (including) | 2.70 (including) |
Winamp | Nullsoft | 2.71 (including) | 2.71 (including) |
Winamp | Nullsoft | 2.72 (including) | 2.72 (including) |
Winamp | Nullsoft | 2.73 (including) | 2.73 (including) |
Winamp | Nullsoft | 2.74 (including) | 2.74 (including) |
Winamp | Nullsoft | 2.75 (including) | 2.75 (including) |
Winamp | Nullsoft | 2.76 (including) | 2.76 (including) |
Winamp | Nullsoft | 2.77 (including) | 2.77 (including) |
Winamp | Nullsoft | 2.78 (including) | 2.78 (including) |
Winamp | Nullsoft | 2.79 (including) | 2.79 (including) |
Winamp | Nullsoft | 2.80 (including) | 2.80 (including) |
Winamp | Nullsoft | 2.81 (including) | 2.81 (including) |
Winamp | Nullsoft | 2.91 (including) | 2.91 (including) |
Winamp | Nullsoft | 3.0 (including) | 3.0 (including) |
Winamp | Nullsoft | 3.1 (including) | 3.1 (including) |
Winamp | Nullsoft | 5.01 (including) | 5.01 (including) |
Winamp | Nullsoft | 5.02 (including) | 5.02 (including) |
Winamp | Nullsoft | 5.03 (including) | 5.03 (including) |
Winamp | Nullsoft | 5.04 (including) | 5.04 (including) |