Technical Description
A vulnerability has been identified in Nullsoft Winamp, which could be exploited by remote attackers to take complete control of an affected system. This flaw is due to a buffer overflow error in the "in_midi.dll" library that does not properly handle malformed Midi file headers, which could be exploited by remote attackers to crash a vulnerable application or execute arbitrary commands by convincing a user to visit a malicious web page or open a specially crafted ".mid" file.
Affected Products
Nullsoft Winamp version 5.21 and prior
Solution
Upgrade to Nullsoft Winamp version 5.22 or later :
http://www.winamp.com/player/index.php
