CVE-2004-1396

Name of the Vulnerable Software and Affected Versions: Winamp version 5.07 Winamp (other versions possibly affected)

Description: The issue allows remote attackers to cause a denial of service, resulting in application crash or CPU consumption. This can be achieved through an mp4 or m4a playlist file containing invalid tag data or an invalid .nsv or .nsa file. A specially crafted file with a size of 1MB and either .nsv or .nsa file extension can consume all CPU resources when opened, leading to loss of availability.

Recommendations: For Winamp version 5.07, avoid opening .nsv or .nsa files from untrusted sources to minimize the risk of exploitation. For other possibly affected versions of Winamp, restrict access to files with .nsv and .nsa extensions until a fix is available. As a temporary workaround, consider disabling the playback of .nsv and .nsa files in Winamp until a patch is available.