Oct 26, 2010 08:38 GMT

Security researchers from BitDefender warn that exploits for several zero-day Winamp vulnerabilities disclosed two weeks ago have been spotted in the wild.

On October 13, security researcher Luigi Auriemma published details about four unpatched vulnerabilities in Winamp 5.581 and older versions, along with proof-of-concept attack code.

Vulnerability research vendor Secunia has confirmed that two of them can be exploited by attackers to execute arbitrary code remotely, and rates them as highly critical.

One is described as an integer overflow error in the "in_mkv.dll" plugin, which handles the playback of Matroska video files (MKV).

This vulnerability can be exploited by loading a specially crafted MKV file into the player, which will generate a buffer overflow condition.

The second vulnerability stems from a boundary error in the "in_mod.dll" plugin and can occur when parsing malformed Multitracker Module (MTM) files.

Successful exploitation can result in arbitrary code execution, but requires the user to intentionally right-click the file in the playlist and select the "View file info" option.

"Several exploits piggybacking on these vulnerabilities were spotted in the wild," BitDefender researcher Loredana Botezatu warns, before going into detail about the MTM one.

Ms. Botezatu points out that such files are distributed via email, social networking or P2P file-sharing applications, and that additional social engineering tricks are used to convince users to perform the required action.

Once they do that, a backdoor will be opened on the machine and will accept connections on port 4444. A remote attacker can connect and execute code with the same privileges as the Winamp process.
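A defender can check a Windows host for the behaviour described above by correlating `netstat -ano -p tcp` with `tasklist /fo csv /nh`. The script below is an added example, not code from the article or from BitDefender; the command output is constructed sample data, and the image name `winamp.exe` and the idea that the listening socket is owned by the player process are assumptions.

```python
import csv
import io

# Constructed sample of `netstat -ano -p tcp` output (not from a real host).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:4444           0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:49712     203.0.113.7:80         ESTABLISHED     2044
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1500
"""
# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST = '''\
"svchost.exe","884","Services","0","9,120 K"
"mDNSResponder.exe","1500","Services","0","4,300 K"
"firefox.exe","2044","Console","1","210,004 K"
"winamp.exe","3120","Console","1","38,412 K"
'''
BACKDOOR_PORT = 4444         # port named in the article
PLAYER_IMAGE = "winamp.exe"  # assumed image name of the Winamp process

def pid_to_image(tasklist_csv):
    """Map PID -> lower-cased image name from tasklist CSV rows."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(r[1]): r[0].lower() for r in rows if len(r) >= 2 and r[1].isdigit()}

def listeners(netstat_text):
    """Yield (address, port, pid) for every TCP socket in LISTENING state."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            addr, _, port = f[1].rpartition(":")  # also handles [::]:4444
            yield addr, int(port), int(f[4])

def findings(netstat_text, tasklist_csv):
    """Flag listeners on port 4444 and any listening socket owned by the player."""
    images = pid_to_image(tasklist_csv)
    out = []
    for addr, port, pid in listeners(netstat_text):
        image = images.get(pid, "unknown")
        reasons = []
        if port == BACKDOOR_PORT:
            reasons.append("listener on port 4444")
        if image == PLAYER_IMAGE:
            reasons.append("listening socket owned by the media player")
        if reasons:
            out.append({"addr": addr, "port": port, "pid": pid,
                        "image": image, "reasons": reasons})
    return out

if __name__ == "__main__":
    for hit in findings(NETSTAT, TASKLIST):
        print(hit)
```

A hit on both conditions is the strongest signal; port 4444 alone can belong to unrelated software and needs the owning process checked.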

"In order to stay safe from this type of exploit, you are advised to download files from trustworthy repositories only and never perform any actions on the computer if they have been requested or suggested by persons you do not know or trust," the antivirus vendor advises.

These vulnerabilities have been fixed by Nullsoft in Winamp 5.59 Build 3033 Beta, which is available for download.