Highly critical vulnerabilities were discovered in Winamp. Two integer overflow errors in the in_avi.dll plugin, which occur when allocating memory, allow an attacker to cause a buffer overflow via a crafted AVI file. A vulnerability was also discovered in in_mod.dll when processing song message data; it can be exploited to cause a buffer overflow.
A successful attack allows execution of malicious code.
The flaws were confirmed in version 5.622. Other versions may also be vulnerable.
Users should upgrade to version 5.623.
Source: Secunia
13.12.2011