CVE-2006-2910

Name of the Vulnerable Software and Affected Versions jetAudio versions 6.2.6.8330 and possibly other versions

Description The issue allows user-assisted attackers to execute arbitrary code via an audio file, such as WMA, with long ID Tag values including Title, Author, and Album. This triggers an overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.

Recommendations For version 6.2.6.8330, consider disabling the playback of audio files with long ID Tag values until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.