View Single Post
Old 11th July 2017, 05:20   #450
MHWallace
Junior Member
 
Join Date: Dec 2006
Posts: 3
I'm one of the bazillion who've been using Winamp for ever, like back into the 90s. Nothing even compares to Winamp. Ver 5.666 build 3516 works like a charm, for me at least. No issues whatsoever. Now in my weekly quick-scan of the US-CERT vuln listing I see that the NIST has issued CVE-2017-10725 stating that "Winamp 5.666 Build 3516(x86) allows attackers to execute arbitrary code or cause a denial of service via a crafted .flv file, related to "Data from Faulting Address controls Code Flow..." Mitre is listed as having found it. I'm going to still use Winamp, but I don't like leaving processes running that should be patched.
- Now would be a great time for the new owners of the Winamp code to get their lawyers to do what needs to be done to breath some life into Winamp and at least patch this vuln. Having read through several threads in this forum, and finding other content elsewhere, I can see there are many of us longtime users who would really appreciate it, but have pretty much given up hope of anything coming of it. But, hey one can hope, right?
- So, how about it? Any word of any movement toward some work on Winamp?
MHWallace is offline   Reply With Quote