CVE-2007-6403

Name of the Vulnerable Software and Affected Versions Nullsoft Winamp version 5.32

Description The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code. This is achieved through crafted unicode in a .mp4 file with specific tags, contained within a certain .rar archive. For exploitation to occur, the victim must select a particular menu option at the time of the attack.

Recommendations For Nullsoft Winamp version 5.32, consider avoiding the use of .mp4 files with crafted tags until a fix is available. As a temporary workaround, refrain from selecting the specific menu option that enables exploitation when interacting with potentially malicious archives or files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.