The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption.
References
Configurations
Information
Published : 2007-04-10 16:19
Updated : 2018-10-16 09:41
NVD link : CVE-2007-1922
Mitre link : CVE-2007-1922
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
nullsoft
- winamp