Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-1176
Buffer overflow in Winamp 2.81 allows remote malicious users to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file.
Nullsoft Winamp 2.81
7.5
CVSSv2
CVE-2002-1177
Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote malicious users to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.
Nullsoft Winamp 3.0
7.6
CVSSv2
CVE-2006-0476
Buffer overflow in Nullsoft Winamp 5.12 allows remote malicious users to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
Nullsoft Winamp 5.12
4 EDB exploits
1 Github repository
9.3
CVSSv2
CVE-2010-3137
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, ...
Nullsoft Winamp 5.581
1 EDB exploit
7.5
CVSSv2
CVE-2002-1524
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote malicious users to execute arbitrary code via a skin file (.wal) with a long include file tag.
Nullsoft Winamp 3.0
7.6
CVSSv2
CVE-2005-3188
Buffer overflow in Nullsoft Winamp 5.094 allows remote malicious users to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476.
Nullsoft Winamp 5.094
9.3
CVSSv2
CVE-2003-1272
Multiple buffer overflows in Winamp 3.0 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.
Nullsoft Winamp 3.0
5
CVSSv2
CVE-2003-1274
Winamp 3.0 allows remote malicious users to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.
Nullsoft Winamp 3.0
2.6
CVSSv2
CVE-2004-1396
Winamp 5.07 and possibly other versions, allows remote malicious users to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.
Nullsoft Winamp 5.07
2.1
CVSSv2
CVE-2002-2412
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
Nullsoft Winamp 2.80
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »