Koyote Soft · Free Mp3 Cd Ripper · CVE-2011-5165
**Name of the Vulnerable Software and Affected Versions**
Free MP3 CD Ripper versions 1.1, 2.6 and earlier
**Description**
The issue is a stack-based buffer overflow that occurs when converting a file, allowing user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
**Recommendations**
For Free MP3 CD Ripper versions 1.1, 2.6 and earlier, avoid using the file conversion feature with untrusted .wav files until a patch is available.
As a temporary workaround, consider restricting the use of the file conversion feature to minimize the risk of exploitation.