The host is installed with Winamp before 5.57 and is prone to multiple heap-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle crafted samples or crafted instrument definitions in an Impulse Tracker file. Successful exploitation allows attackers to execute arbitrary code.