CVE-2006-3925

Name of the Vulnerable Software and Affected Versions InterActual Player versions prior to 2.6

Description The issue is related to a stack-based buffer overflow in the ITIRecorder.MicRecorder ActiveX control, which is part of the iarecord.dll in InterActual Player. This can be exploited by remote attackers to execute arbitrary code by providing a long argument to the Files method.

Recommendations For versions prior to 2.6, update to version 2.6 or later to resolve the issue. As a temporary workaround, consider disabling the Files method in the ITIRecorder.MicRecorder ActiveX control until a patch is available. Restrict access to the iarecord.dll module to minimize the risk of exploitation.