CVE-2009-2917

Name of the Vulnerable Software and Affected Versions: ImTOO MPEG Encoder version 3.1.53

Description: A stack-based buffer overflow issue allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted string in a .cue or .m3u playlist file.

Recommendations: For ImTOO MPEG Encoder version 3.1.53, consider avoiding the use of .cue and .m3u playlist files until a patch is available. As a temporary workaround, restrict the processing of these file types to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.