submitted by 
bchick
on 04-05-2007
Nullsoft Winamp is a fast, flexible, high-fidelity media player for Windows. Winamp supports playback of many audio (MP3, OGG, AAC, WAV, MOD, XM, S3M, IT, MIDI, etc.) and video types (AVI, ASF, MPEG, NSV), custom appearances called skins (supporting both classic Winamp 1.x/2.x skins and Winamp 3 freeform skins), audio visualization and audio effect plug-ins (including two industry dominating visualization plug-ins), an advanced media library, Internet radio and TV support, CD ripping, and CD burning.
Winamp 5.34a Security Patch includes a patched version of in_mp4.dll (v1.22) that fixes the MP4 file parsing buffer overflow vulnerability. The vulnerability is caused due to an error within the handling of MP4 files and can be exploited to cause memory corruption via a specially crafted MP4 file. Successful exploitation allows execution of arbitrary code.
