Loading
Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.
Use CWE-119, Nullsoft vendor hub and Winamp product page to widen CVE-2011-4857 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2011-3834, CVE-2010-4372 and CVE-2010-4371 for nearby disclosures in the same product family.