Loading
The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption.
Use CWE-20, Nullsoft vendor hub and Winamp product page to widen CVE-2007-1922 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2011-4857, CVE-2011-3834 and CVE-2010-4372 for nearby disclosures in the same product family.