Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-0546
Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote malicious users to execute script via an ID3v1 or ID3v2 tag in an MP3 file.
Nullsoft Winamp 2.78
Nullsoft Winamp 2.79
935
VMScore
CVE-2006-5567
Multiple heap-based buffer overflows in AOL Nullsoft WinAmp prior to 5.31 allow user-assisted remote malicious users to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags.
Nullsoft Winamp 5.24
Nullsoft Winamp 5.3
1 EDB exploit
231
VMScore
CVE-2002-0284
Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.
Nullsoft Winamp 2.78
Nullsoft Winamp 2.77
445
VMScore
CVE-2006-3535
Directory traversal vulnerability in Nullsoft SHOUTcast DSP prior to 1.9.7 allows remote malicious users to read arbitrary files via unspecified vectors that are a "slight variation" of CVE-2006-3534.
Nullsoft Shoutcast Dsp 1.9.6
Nullsoft Shoutcast Dsp 1.9.5
828
VMScore
CVE-2015-9268
Nullsoft Scriptable Install System (NSIS) prior to 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime.
Nullsoft Nullsoft Scriptable Install System
Debian Debian Linux 8.0
320
VMScore
CVE-2015-9267
Nullsoft Scriptable Install System (NSIS) prior to 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.
Nullsoft Nullsoft Scriptable Install System
Debian Debian Linux 8.0
755
VMScore
CVE-2000-0624
Buffer overflow in Winamp 2.64 and previous versions allows remote malicious users to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist.
Nullsoft Winamp
1 EDB exploit
668
VMScore
CVE-2008-3441
Nullsoft Winamp prior to 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Nullsoft Winamp
668
VMScore
CVE-2012-4045
Multiple heap-based buffer overflows in bmp.w5s in Winamp prior to 5.63 build 3235 allow remote malicious users to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Codec (TSCC) data in an A...
Nullsoft Winamp
668
VMScore
CVE-2002-0547
Buffer overflow in the mini-browser for Winamp 2.79 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
Nullsoft Winamp
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »