CVE-2007-6403

EPSS 3.4%

Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certain menu option at the time of the attack.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/4703unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://securityreason.com/securityalert/3456 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15562 http://www.securityfocus.com/archive/1/484776/100/0/threaded