Liu Yexin

**Name of the Vulnerable Software and Affected Versions** Nullsoft Winamp versions 5.12 through 5.13 **Description** The issue is related to a stack-based buffer overflow that can be triggered by a crafted .m3u file, potentially allowing attackers to cause a denial of service or execute arbitrary code when the player pauses or stops the file. This is due to an incorrect `strncpy` function call. **Recommendations** For Nullsoft Winamp versions 5.12 through 5.13, consider avoiding the use of .m3u files from untrusted sources until a patch is available. As a temporary workaround, restrict the playback of .m3u files to minimize the risk of exploitation.