Winamp is prone to an overflow condition. The 'in_mkv.dll' plugin fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted MKV file containing a crafted string, a context-dependent attacker can potentially execute arbitrary code.
Local / Remote,
Loss of Integrity
Upgrade to version 5.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.