The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.Referenceshttp://marc.info/?l=bugtraq&m=106305643432112&w=2
