Nullsoft · Winamp · CVE-2006-0720
**Name of the Vulnerable Software and Affected Versions**
Nullsoft Winamp versions 5.12 through 5.13
**Description**
The issue is related to a stack-based buffer overflow that can be triggered by a crafted .m3u file, potentially allowing attackers to cause a denial of service or execute arbitrary code when the player pauses or stops the file. This is due to an incorrect `strncpy` function call.
**Recommendations**
For Nullsoft Winamp versions 5.12 through 5.13, consider avoiding the use of .m3u files from untrusted sources until a patch is available. As a temporary workaround, restrict the playback of .m3u files to minimize the risk of exploitation.