Plaintext Storage of Authentication Credentials in Winamp 2.80

Plaintext Storage of Authentication Credentials in Winamp 2.80

CVE-2002-2412 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.

Learn more about our User Device Pen Test.