AOL Nullsoft Winamp IT Module Heap Memory Corruption (IN_MOD.DLL)
8 Apr. 2007
Winamp is "a proprietary media player written by Nullsoft, a subsidiary of Time Warner. It is skinnable, multi-format freeware / shareware". Successful exploitation may allow the attacker to run arbitrary code in context of user running AOL Nullsoft Winamp.
* AOL Nullsoft Winamp version 5.33 (x86) Feb 13 2007 (on Windows XP SP1/SP2).
The problem takes place when Winamp is trying to play specially crafted .IT file.
IT is the proprietary module format used by Impulse Tracker, featuring support for more advanced features than MOD or S3M before it. These include a larger limit for lines in a pattern, higher quality samples, and other effects.