WinAmp Media Player - Critical Security Update
All WinAmp users should update to the latest WinAmp release to correct two critical security issues
WinAmp Media Player - Critical Security Update
http://www.kb.cert.org/vuls/id/449092
http://www.winamp.com/player/version_history.php#5.31
http://secunia.com/advisories/22580/
Two vulnerabilities have been reported in Winamp, which can be exploited by malicious people to compromise a user's system.
1) An error in the Ultravox protocol handler during processing of the "ultravox-max-msg" header can be exploited to cause a heap-based buffer overflow via either a specially crafted playlist or a "shout:" or "uvox:" URI.
2) An error during the parsing of certain Lyrics3 tags can be exploited to cause a heap-based buffer overflow via either a specially crafted playlist or a "shout:" or "uvox:" URI.
The vulnerabilities are reported in versions 2.666 through 5.3.
SOLUTION -- Update to version 5.31
http://www.winamp.com/player/