Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft winamp 3.1 vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2004-1896
Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 up to and including 5.02 allows remote malicious users to execute arbitrary code via a Fasttracker 2 (.xm) mod media file.
Nullsoft Winamp 3.1
Nullsoft Winamp 5.0.1
Nullsoft Winamp 2.91
Nullsoft Winamp 3.0
Nullsoft Winamp 5.0.2
7.5
CVSSv2
CVE-2003-0765
The IN_MIDI.DLL plugin 3.01 and previous versions, as used in Winamp 2.91, allows remote malicious users to execute arbitrary code via a MIDI file with a large "Track data size" value.
Nullsoft Winamp 3.0
Nullsoft Winamp 3.1
Nullsoft Winamp 2.81
Nullsoft Winamp 2.91
1 EDB exploit
6.4
CVSSv2
CVE-2002-2392
Winamp 2.65 up to and including 3.0 stores skin files in a predictable file location, which allows remote malicious users to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code.
Nullsoft Winamp 2.75
Nullsoft Winamp 2.77
Nullsoft Winamp 2.78
Nullsoft Winamp 2.79
Nullsoft Winamp 2.80
Nullsoft Winamp 3.1
Nullsoft Winamp 2.70
Nullsoft Winamp 2.71
Nullsoft Winamp 2.72
Nullsoft Winamp 2.73
Nullsoft Winamp 2.65
Nullsoft Winamp 2.74
Nullsoft Winamp 2.76
4.6
CVSSv2
CVE-2004-0820
Winamp prior to 5.0.4 allows remote malicious users to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
Nullsoft Winamp 2.4
Nullsoft Winamp 2.50
Nullsoft Winamp 2.64
Nullsoft Winamp 2.65
Nullsoft Winamp 2.70
Nullsoft Winamp 2.75
Nullsoft Winamp 2.76
Nullsoft Winamp 3.0
Nullsoft Winamp 3.1
Nullsoft Winamp 2.60
Nullsoft Winamp 2.61
Nullsoft Winamp 2.72
Nullsoft Winamp 2.73
Nullsoft Winamp 2.79
Nullsoft Winamp 2.80
Nullsoft Winamp 5.03
Nullsoft Winamp 5.04
Nullsoft Winamp 2.5e
Nullsoft Winamp 2.71
Nullsoft Winamp 2.77
Nullsoft Winamp 2.78
Nullsoft Winamp 5.01
1 EDB exploit
9.3
CVSSv2
CVE-2006-3228
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote malicious users to execute arbitrary code via a crafted .mid (MIDI) file.
Nullsoft Winamp 2.91
Nullsoft Winamp 2.95
Nullsoft Winamp 5.02
Nullsoft Winamp 5.03
Nullsoft Winamp 5.08e
Nullsoft Winamp 5.09
Nullsoft Winamp 5.0
Nullsoft Winamp 2.90
Nullsoft Winamp 5.0.2
Nullsoft Winamp 5.01
Nullsoft Winamp 5.08c
Nullsoft Winamp 5.08d
Nullsoft Winamp 5.11
Nullsoft Winamp 5.12
Nullsoft Winamp 5.13
Nullsoft Winamp 5.2
Nullsoft Winamp 5.0.1
Nullsoft Winamp 5.05
Nullsoft Winamp 5.06
Nullsoft Winamp 5.07
Nullsoft Winamp 5.094
Nullsoft Winamp 5.1
1 EDB exploit
4.3
CVSSv2
CVE-2008-3567
Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp prior to 5.541 allows remote malicious users to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags.
Nullsoft Winamp 2.50
Nullsoft Winamp 2.5e
Nullsoft Winamp 2.70
Nullsoft Winamp 2.71
Nullsoft Winamp 2.78
Nullsoft Winamp 2.79
Nullsoft Winamp 3.1
Nullsoft Winamp 5.0
Nullsoft Winamp 5.04
Nullsoft Winamp 5.05
Nullsoft Winamp 5.09
Nullsoft Winamp 5.091
Nullsoft Winamp 5.13
Nullsoft Winamp 5.2
Nullsoft Winamp 5.32
Nullsoft Winamp 5.33
Nullsoft Winamp 5.53
Nullsoft Winamp
Nullsoft Winamp 2.0
Nullsoft Winamp 2.62
Nullsoft Winamp 2.64
Nullsoft Winamp 2.74
9.3
CVSSv2
CVE-2009-1831
The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp prior to 5.552 allows remote malicious users to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow.
Nullsoft Winamp 5.09
Nullsoft Winamp 5.08e
Nullsoft Winamp 5.03a
Nullsoft Winamp 5.03
Nullsoft Winamp 2.95
Nullsoft Winamp 3.0
Nullsoft Winamp 2.78
Nullsoft Winamp 2.75
Nullsoft Winamp 2.65
Nullsoft Winamp 2.64
Nullsoft Winamp 2.10
Nullsoft Winamp 2.50
Nullsoft Winamp 2.4
Nullsoft Winamp 5.52
Nullsoft Winamp 5.35
Nullsoft Winamp 5.08
Nullsoft Winamp 5.093
Nullsoft Winamp 5.091
Nullsoft Winamp 5.22
Nullsoft Winamp 5.21
Nullsoft Winamp 5.07
Nullsoft Winamp 5.06
5 EDB exploits
10
CVSSv2
CVE-2009-0263
Multiple buffer overflows in Winamp 5.541 and previous versions allow remote malicious users to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file.
Nullsoft Winamp 2.24
Nullsoft Winamp 2.10
Nullsoft Winamp 2.62
Nullsoft Winamp 2.64
Nullsoft Winamp 5.0
Nullsoft Winamp 3.1
Nullsoft Winamp 2.73
Nullsoft Winamp 2.91
Nullsoft Winamp 2.75
Nullsoft Winamp 2.76
Nullsoft Winamp 5.08d
Nullsoft Winamp 5.08c
Nullsoft Winamp 5.08
Nullsoft Winamp 5.01
Nullsoft Winamp 5.5
Nullsoft Winamp 5.51
Nullsoft Winamp 5.112
Nullsoft Winamp 5.31
Nullsoft Winamp 5.52
Nullsoft Winamp 5.53
Nullsoft Winamp 2.5e
Nullsoft Winamp 2.60
1 EDB exploit
9.3
CVSSv2
CVE-2009-3995
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp prior to 5.57, and libmikmod 3.1.12, might allow remote malicious users to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file...
Nullsoft Winamp 5.551
Nullsoft Winamp 5.531
Nullsoft Winamp 5.51
Nullsoft Winamp 5.55
Nullsoft Winamp 5.08d
Nullsoft Winamp 5.08c
Nullsoft Winamp 5.01
Nullsoft Winamp 2.80
Nullsoft Winamp 2.91
Nullsoft Winamp 2.73
Nullsoft Winamp 2.76
Nullsoft Winamp 2.60
Nullsoft Winamp 2.6x
Nullsoft Winamp 2.0
Nullsoft Winamp 2.62
Nullsoft Winamp 2.64
Nullsoft Winamp 2.92
Nullsoft Winamp 2.9
Nullsoft Winamp 5.1
Nullsoft Winamp 5.08
Nullsoft Winamp 5.093
Nullsoft Winamp 5.091
9.3
CVSSv2
CVE-2009-3996
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp prior to 5.57, and libmikmod 3.1.12, might allow remote malicious users to execute arbitrary code via an Ultratracker file.
Nullsoft Winamp 5.551
Nullsoft Winamp 5.531
Nullsoft Winamp 5.51
Nullsoft Winamp 5.55
Nullsoft Winamp 5.07
Nullsoft Winamp 5.08c
Nullsoft Winamp 5.0.2
Nullsoft Winamp 5.01
Nullsoft Winamp 2.80
Nullsoft Winamp 2.73
Nullsoft Winamp 2.74
Nullsoft Winamp 2.60
Nullsoft Winamp 2.6x
Nullsoft Winamp 2.0
Nullsoft Winamp 2.64
Nullsoft Winamp 2.70
Nullsoft Winamp 2.9
Nullsoft Winamp 5.1
Nullsoft Winamp 5.08
Nullsoft Winamp 5.091
Nullsoft Winamp 5.21
Nullsoft Winamp 5.24
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »