CVE-2007-6403
NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certain menu option at the time of the attack.
Desbordamiento de buffer basado en pila en Nullsoft Winamp 5.32 permite que atacantes remotos con la intervención del usuario ejecuten código a su elección usando código unicode manipulado dentro de un fichero .mp4, con etiquetas manipuladas, contenido en un archivo .rar determinado, un problema relacionado con el CVE-2007-2498. NOTA: para que el abuso tenga lugar, la víctima debe seleccionar una determinada opción del menú en el momento del ataque.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-12-08 First Exploit
- 2007-12-17 CVE Reserved
- 2007-12-17 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/3456 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/484776/100/0/threaded | Mailing List | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15562 | Signature |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/4703 | 2007-12-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Winamp Search vendor "Winamp" | Nullsoft Winamp Search vendor "Winamp" for product "Nullsoft Winamp" | 5.32 Search vendor "Winamp" for product "Nullsoft Winamp" and version "5.32" | - |
Affected
| ||||||