This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This Signature detects Winamp Module Decoder Plugin Buffer Overflow
Winamp is a multiformat media player for Microsoft Windows platforms.
Winamp is prone to multiple security issues that affect the Module Decoder ('IN_MOD.DLL') plugin Attackers may exploit these issues to cause heap-based buffer overflows.
1. Three vulnerabilities occur when parsing instrument definitions in Impulse Tracker files.
2. A vulnerability occurs when parsing samples in Impulse Tracker files.
3. A vulnerability when occurs parsing Ultratracker files.
4. An integer-overflow error occurs when parsing Oktalyzer files.
Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
These issues affect Winamp 5.56; prior versions may also be vulnerable.