Winamp beset by multiple vulnerabilities: Secunia Advisory

Versions prior to Winamp 5.6 beset by plug-in security issues.

Information security research firm Secunia has issued an advisory with details of multiple vulnerabilities in the Winamp media player that can be exploited to compromise systems. The advisory indicates the presence of these vulnerabilities in versions prior to Winamp version 5.6, specifically Winamp versions 5.581 and 5.59 Beta Build 3033. According to Winamp developer Nullsoft, an upgrade to Winamp version 5.6 fixes these vulnerabilities.

The two vulnerabilities identified by Secunia involve Winamp plug-ins "in_nsv.dll" and "in_midi". These can be exploited to create buffer overflows. More details of these vulnerabilities can be seen on the Secunia advisory page.

Read more on Web application security