Just found out about this via an email from Bill Mullins and updated my Winamp Pro.

Grab this update
You Must Be Registered and Logged On To View "URL" BBCode Contents...


You can read more about in the PC World article (Mullins' source)
You Must Be Registered and Logged On To View "URL" BBCode Contents...


All three vulnerabilities were confirmed in Winamp 5.622, but older versions could also be affected. They are located in the application's in_avi.dll and in_mod.dll libraries and can trigger heap-based buffer overflows.

An attacker could exploit these vulnerabilities by tricking victims into opening specially crafted AVI or Impulse Tracker (IT) files. The remote attack vectors include malicious files stored on network shares and WebDAV resources, but also rogue playlists hosted on the Web.