CVE-2002-2412

Name of the Vulnerable Software and Affected Versions Winamp version 2.80

Description The issue allows local users to gain access to other accounts by storing authentication credentials in plaintext. This is due to the storage of credentials in the winamp.ini file, specifically in the [HTTP-AUTH] and [winamp] sections.

Recommendations For Winamp version 2.80, consider removing or securing the authentication credentials stored in the winamp.ini file to prevent unauthorized access. As a temporary workaround, restrict access to the winamp.ini file to minimize the risk of exploitation.