The vulnerability is caused due to a boundary error during the handling of filenames including a computer name. This can be exploited to cause a buffer overflow via a specially crafted playlist containing a filename starting with an overly long computer name (about 1040 bytes).
Successful exploitation allows execution of arbitrary code on a user’s system when e.g. a malicious website is visited.
The vulnerability has been confirmed in version 5.12. Other versions may also be affected.
NOTE: An exploit is publicly available.
Don`t use now winamp, use another product.
