First published: Tue Dec 31 2002(Updated: )
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
NullSoft Winamp | =2.80 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.