GEN:SID 1:2550
Message EXPLOIT winamp XM module name overflow
Summary This event is generated when an attempt is made to exploit a buffer overflow
associated with Winamp's processing of a .XM file module name.
Impact A successful attack may permit a buffer overflow that allows the execution
of arbitrary code at the privilege level of the user running Winamp.
Detailed Information Winamp is a media file player for Windows developed by Nullsoft.  A buffer
overflow exists because of insufficient bounds checking while parsing fields
in a .XM file.  An overly long module name may cause the buffer overflow
permitting the execution of arbitrary code at the privilege level of the user
running Winamp.
Affected Systems Winamp 2.x, 3.x, and 5.0-5.02
Attack Scenarios An attacker can create and send a malformed .XM tracker name that may cause
a buffer overflow and the subsequent execution of arbitrary code on the
vulnerable host.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software.
Additional References  
Rule References url: www.nextgenss.com/advisories/winampheap.txt