Winamp Computer Name Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/18649/
DESCRIPTION: The vulnerability is caused due to a boundary error during the handling of filenames including a computer name. This can be exploited to cause a buffer overflow via a specially crafted playlist containing a filename starting with an overly long computer name (about 1040 bytes). Successful exploitation allows execution of arbitrary code on a user's system when e.g. a malicious website is visited. The vulnerability has been confirmed in version 5.12. Other versions may also be affected.
Affected Products: Nullsoft Winamp version 5.12 and prior
Solution: The FrSIRT is not aware of any official supplied patch for this issue.
Recommendation: Use Winamp for offline media only or access only highly trusted sites until a patch is issued. It is likely that Nullsoft will quickly supply a patch, but until then use Winamp cautiously.
Complete report (http://msmvps.com/blogs/harrywaldron/archive/2006/01/30/82080.aspx)
Great response time! Winamp 5.13 has been released. Please update if you use Winamp. http://www.winamp.com/player/