Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft winamp vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-6403
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote malicious users to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the vict...
Winamp Nullsoft Winamp 5.32
1 EDB exploit
7.5
CVSSv2
CVE-2012-4045
Multiple heap-based buffer overflows in bmp.w5s in Winamp prior to 5.63 build 3235 allow remote malicious users to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an A...
Nullsoft Winamp
7.5
CVSSv2
CVE-2000-0624
Buffer overflow in Winamp 2.64 and previous versions allows remote malicious users to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist.
Nullsoft Winamp
1 EDB exploit
7.5
CVSSv2
CVE-2008-3441
Nullsoft Winamp prior to 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Nullsoft Winamp
7.5
CVSSv2
CVE-2002-0547
Buffer overflow in the mini-browser for Winamp 2.79 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
Nullsoft Winamp
9.3
CVSSv2
CVE-2003-1272
Multiple buffer overflows in Winamp 3.0 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.
Nullsoft Winamp 3.0
5
CVSSv2
CVE-2003-1274
Winamp 3.0 allows remote malicious users to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.
Nullsoft Winamp 3.0
9.3
CVSSv2
CVE-2010-3137
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, ...
Nullsoft Winamp 5.581
1 EDB exploit
4.3
CVSSv2
CVE-2007-4392
Winamp 5.35 allows remote malicious users to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
Nullsoft Winamp 5.35
7.6
CVSSv2
CVE-2006-0476
Buffer overflow in Nullsoft Winamp 5.12 allows remote malicious users to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
Nullsoft Winamp 5.12
4 EDB exploits
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »