Less than a month after posting on an online forum from Nullsoft, a division of America Online.to Winamp, Nullsoft has delivered a new version of the media player to plug serious bugs. Winamp 5.2, issued Thursday, tackles a vulnerability in the software's handling of m3u playlist files, according to a developer
An attacker could put together a specially crafted m3u playlist to cause the computer to crash when the user pauses or stops play, according to an advisory from Secunia. It may also allow an intruder to execute code. The "highly critical" flaw affects the most recent versions of Winamp, versions 5.12 and 5.13, the security company said.