CVE-2011-4857

Name of the Vulnerable Software and Affected Versions Winamp versions prior to 5.623

Description The issue is related to a heap-based buffer overflow in the in mod.dll plugin, which allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file.

Recommendations For versions prior to 5.623, update to version 5.623 or later to resolve the issue. As a temporary workaround, consider disabling the in mod.dll plugin until a patch is available. Restrict access to Impulse Tracker (IT) files to minimize the risk of exploitation.