Original URL: http://www.theregister.co.uk/2006/01/31/winamp_security_flap/

Winamp exploit poses hacker risk

Clear and present danger

By John Leyden

Posted in Security, 31st January 2006 16:31 GMT

Hackers have created an exploit targeting a serious security vulnerability in Winamp, the popular media player. Users are strongly urged to update their software to Winamp version 5.13 to guard against attack.

A remotely exploitable buffer overflow bug in version 5.12 of Winamp creates a means for hackers to take over machines running the vulnerable software, providing they can trick users into visiting maliciously constructed websites. A malformed playlist file, containing a filename starting with an overly long computer name, would be automatically downloaded and opened in Winamp because of the security bug. Winamp version 5.12 is confirmed as vulnerable and older versions may also be susceptible to attack. ®