CVE-2007-6609

Name of the Vulnerable Software and Affected Versions CoolPlayer versions 217 and earlier

Description The issue is related to multiple stack-based buffer overflows in the CPLI ReadTag OGG function. This allows user-assisted remote attackers to execute arbitrary code via a long cTag or cValue field in an OGG Vorbis file.

Recommendations For CoolPlayer versions 217 and earlier, update to a version later than 217 to resolve the issue. As a temporary workaround, consider avoiding the use of OGG Vorbis files with long cTag or cValue fields until a patch is available. Restrict access to potentially malicious OGG Vorbis files to minimize the risk of exploitation.