Nullsoft closes Winamp vulnerabilities
The Nullsoft developers have released a beta, Build 3033, for version 5.59 of the Winamp media player. In addition to adding support for Winamp for Android, this public beta addresses two previously reported vulnerabilities in the media player's code for processing .mkv and .mtm files that can reportedly be exploited to compromise systems.
A third, previously unpublished, exploit related to a buffer overflow issue in the VP6 video codec was discovered by security specialist Secunia. Winamp 5.581 is affected, but previous versions are also likely to be vulnerable
More details about the public beta, including a list of changes and download links, can be found in a post on the Winamp Forums. As this is a development release, a change log is not yet available. The latest stable release is Winamp 5.581.
See also:
- Winamp for Android: Now in Beta, a Winamp Blog post.
- Winamp media player adds VP8/WebM support, a report from The H.
(crve)