Loading
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
Use CWE-119, Nullsoft vendor hub and Winamp product page to widen CVE-2009-3996 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2011-4857, CVE-2011-3834 and CVE-2010-4372 for nearby disclosures in the same product family.