CVE-2002-0284

Name of the Vulnerable Software and Affected Versions Winamp versions 2.77 through 2.78

Description The issue allows malicious web servers to obtain the pathname of the Temporary Internet Files directory when a wma file requiring a license is opened. This occurs because the full path of the Temporary Internet Files directory is sent to the web page processing the license.

Recommendations For versions 2.77 and 2.78, consider restricting access to the license processing web page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.