Loading
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.
Use Nullsoft vendor hub and Winamp product page to widen CVE-2010-3137 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2011-4857, CVE-2011-3834 and CVE-2010-4372 for nearby disclosures in the same product family.