Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

nullsoft winamp 2.91 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2003-0765
The IN_MIDI.DLL plugin 3.01 and previous versions, as used in Winamp 2.91, allows remote malicious users to execute arbitrary code via a MIDI file with a large "Track data size" value.
Nullsoft Winamp 3.0Nullsoft Winamp 3.1Nullsoft Winamp 2.81Nullsoft Winamp 2.91
NA
CVE-2004-1896
Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 up to and including 5.02 allows remote malicious users to execute arbitrary code via a Fasttracker 2 (.xm) mod media file.
Nullsoft Winamp 3.1Nullsoft Winamp 5.0.1Nullsoft Winamp 2.91Nullsoft Winamp 3.0Nullsoft Winamp 5.0.2
NA
CVE-2004-0820
Winamp prior to 5.0.4 allows remote malicious users to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
Nullsoft Winamp 2.4Nullsoft Winamp 2.50Nullsoft Winamp 2.64Nullsoft Winamp 2.65Nullsoft Winamp 2.70Nullsoft Winamp 2.75Nullsoft Winamp 2.76Nullsoft Winamp 3.0Nullsoft Winamp 3.1Nullsoft Winamp 2.60Nullsoft Winamp 2.61Nullsoft Winamp 2.72Nullsoft Winamp 2.73Nullsoft Winamp 2.79Nullsoft Winamp 2.80Nullsoft Winamp 5.03Nullsoft Winamp 5.04Nullsoft Winamp 2.5eNullsoft Winamp 2.71Nullsoft Winamp 2.77Nullsoft Winamp 2.78Nullsoft Winamp 5.01
NA
CVE-2006-3228
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote malicious users to execute arbitrary code via a crafted .mid (MIDI) file.
Nullsoft Winamp 2.91Nullsoft Winamp 2.95Nullsoft Winamp 5.02Nullsoft Winamp 5.03Nullsoft Winamp 5.08eNullsoft Winamp 5.09Nullsoft Winamp 5.0Nullsoft Winamp 2.90Nullsoft Winamp 5.0.2Nullsoft Winamp 5.01Nullsoft Winamp 5.08cNullsoft Winamp 5.08dNullsoft Winamp 5.11Nullsoft Winamp 5.12Nullsoft Winamp 5.13Nullsoft Winamp 5.2Nullsoft Winamp 5.0.1Nullsoft Winamp 5.05Nullsoft Winamp 5.06Nullsoft Winamp 5.07Nullsoft Winamp 5.094Nullsoft Winamp 5.1
NA
CVE-2011-4857
Heap-based buffer overflow in the in_mod.dll plugin in Winamp prior to 5.623 allows remote malicious users to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.
Nullsoft Winamp 5.05Nullsoft Winamp 5.04Nullsoft Winamp 0.20aNullsoft Winamp 5.0Nullsoft Winamp 5.572Nullsoft Winamp 2.91Nullsoft Winamp 5.56Nullsoft Winamp 2.92Nullsoft Winamp 5.53Nullsoft Winamp 5.52Nullsoft Winamp 5.11Nullsoft Winamp 5.2Nullsoft Winamp 5.32Nullsoft Winamp 5.22Nullsoft Winamp 5.07Nullsoft Winamp 5.06Nullsoft Winamp 1.006Nullsoft Winamp 1.90Nullsoft Winamp 5.58Nullsoft Winamp 5.09Nullsoft Winamp 5.08eNullsoft Winamp 0.92
NA
CVE-2011-3834
Multiple integer overflows in the in_avi.dll plugin in Winamp prior to 5.623 allow remote malicious users to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.
Nullsoft Winamp 5.06Nullsoft Winamp 5.05Nullsoft Winamp 0.20aNullsoft Winamp 5.0Nullsoft Winamp 5.572Nullsoft Winamp 2.91Nullsoft Winamp 5.531Nullsoft Winamp 5.56Nullsoft Winamp 5.53Nullsoft Winamp 5.52Nullsoft Winamp 5.11Nullsoft Winamp 5.2Nullsoft Winamp 5.33Nullsoft Winamp 5.32Nullsoft Winamp 5.07Nullsoft Winamp 1.006Nullsoft Winamp 1.90Nullsoft Winamp 5.58Nullsoft Winamp 2.95Nullsoft Winamp 5.55Nullsoft Winamp 5.551Nullsoft Winamp 5.5
NA
CVE-2012-3890
The in_mod plugin in Winamp prior to 5.63 allows remote malicious users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.
Nullsoft Winamp 5.56Nullsoft Winamp 5.55Nullsoft Winamp 5.51Nullsoft Winamp 5.31Nullsoft Winamp 5.3Nullsoft Winamp 5.111Nullsoft Winamp 5.112Nullsoft Winamp 5.09Nullsoft Winamp 5.08eNullsoft Winamp 5.093Nullsoft Winamp 5.091Nullsoft Winamp 2.9Nullsoft Winamp 5.59Nullsoft Winamp 5.581Nullsoft Winamp 5.54Nullsoft Winamp 5.35Nullsoft Winamp 5.34Nullsoft Winamp 5.21Nullsoft Winamp 5.24Nullsoft Winamp 5.13Nullsoft Winamp 5.07Nullsoft Winamp 5.572
NA
CVE-2012-3889
The in_mod plugin in Winamp prior to 5.63 allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.
Nullsoft Winamp 5.61Nullsoft Winamp 5.59Nullsoft Winamp 5.54Nullsoft Winamp 5.36Nullsoft Winamp 5.35Nullsoft Winamp 5.22Nullsoft Winamp 5.21Nullsoft Winamp 5.24Nullsoft Winamp 5.13Nullsoft Winamp 5.07Nullsoft Winamp 5.08cNullsoft Winamp 5.0Nullsoft Winamp 2.91Nullsoft Winamp 2.0Nullsoft Winamp 0.20aNullsoft Winamp 0.92Nullsoft Winamp 5.56Nullsoft Winamp 5.55Nullsoft Winamp 5.52Nullsoft Winamp 5.51Nullsoft Winamp 5.32Nullsoft Winamp 5.31
NA
CVE-2010-2586
Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp prior to 5.6 allow remote malicious users to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
Nullsoft Winamp 5.06Nullsoft Winamp 5.05Nullsoft Winamp 1.90Nullsoft Winamp 0.20aNullsoft Winamp 5.572Nullsoft Winamp 2.91Nullsoft Winamp 5.56Nullsoft Winamp 2.92Nullsoft Winamp 5.53Nullsoft Winamp 5.52Nullsoft Winamp 5.2Nullsoft Winamp 5.13Nullsoft Winamp 5.32Nullsoft Winamp 5.22Nullsoft Winamp 5.04Nullsoft Winamp 5.09Nullsoft Winamp 5.0Nullsoft Winamp 0.92Nullsoft Winamp 5.552Nullsoft Winamp 2.0Nullsoft Winamp 2.9Nullsoft Winamp 5.1
NA
CVE-2010-4370
Multiple integer overflows in the in_midi plugin in Winamp prior to 5.6 allow remote malicious users to execute arbitrary code via a crafted MIDI file that triggers a buffer overflow.
Nullsoft Winamp 5.06Nullsoft Winamp 5.05Nullsoft Winamp 1.90Nullsoft Winamp 0.20aNullsoft Winamp 5.0Nullsoft Winamp 5.572Nullsoft Winamp 2.91Nullsoft Winamp 5.56Nullsoft Winamp 2.92Nullsoft Winamp 5.52Nullsoft Winamp 5.111Nullsoft Winamp 5.2Nullsoft Winamp 5.13Nullsoft Winamp 5.32Nullsoft Winamp 5.22Nullsoft Winamp 5.04Nullsoft Winamp 5.09Nullsoft Winamp 0.92Nullsoft Winamp 5.03Nullsoft Winamp 5.552Nullsoft Winamp 2.0Nullsoft Winamp 2.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook