This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting a vulnerability in the way .PLS (Play List) files are handled by Winamp 5.12. When Outlook Express is used as mail user agent, Internet Explorer can be exploited through sending the target an e-mail that contains a link to the specially designed HTML page that triggers the attack. Also, this module can drop a specially crafted PLS file in a local folder of the user's choice.
CVE Link
Exploit Platform
Exploit Type
Product Name