Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft winamp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0765
The IN_MIDI.DLL plugin 3.01 and previous versions, as used in Winamp 2.91, allows remote malicious users to execute arbitrary code via a MIDI file with a large "Track data size" value.
Nullsoft Winamp 3.1
Nullsoft Winamp 2.91
Nullsoft Winamp 2.81
Nullsoft Winamp 3.0
1 EDB exploit
NA
CVE-2002-1524
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote malicious users to execute arbitrary code via a skin file (.wal) with a long include file tag.
Nullsoft Winamp 3.0
NA
CVE-2002-2195
Buffer overflow in the version update check for Winamp 2.80 and previous versions allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
Nullsoft Winamp 2.70
Nullsoft Winamp 2.72
Nullsoft Winamp 2.73
Nullsoft Winamp 2.75
Nullsoft Winamp 2.62
Nullsoft Winamp 2.65
Nullsoft Winamp 2.76
Nullsoft Winamp 2.80
Nullsoft Winamp 2.74
Nullsoft Winamp 2.71
Nullsoft Winamp 2.78
Nullsoft Winamp 2.61
Nullsoft Winamp 2.79
Nullsoft Winamp 2.60
Nullsoft Winamp 2.64
1 EDB exploit
NA
CVE-2002-2412
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
Nullsoft Winamp 2.80
NA
CVE-2002-2392
Winamp 2.65 up to and including 3.0 stores skin files in a predictable file location, which allows remote malicious users to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code.
Nullsoft Winamp 2.72
Nullsoft Winamp 2.73
Nullsoft Winamp 2.75
Nullsoft Winamp 2.65
Nullsoft Winamp 3.1
Nullsoft Winamp 2.76
Nullsoft Winamp 2.80
Nullsoft Winamp 2.74
Nullsoft Winamp 2.71
Nullsoft Winamp 2.78
Nullsoft Winamp 2.77
Nullsoft Winamp 2.70
Nullsoft Winamp 2.79
NA
CVE-2002-1176
Buffer overflow in Winamp 2.81 allows remote malicious users to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file.
Nullsoft Winamp 2.81
NA
CVE-2002-1177
Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote malicious users to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.
Nullsoft Winamp 3.0
NA
CVE-2002-0546
Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote malicious users to execute script via an ID3v1 or ID3v2 tag in an MP3 file.
Nullsoft Winamp 2.78
Nullsoft Winamp 2.79
NA
CVE-2002-0547
Buffer overflow in the mini-browser for Winamp 2.79 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
Nullsoft Winamp
NA
CVE-2002-0284
Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.
Nullsoft Winamp 2.78
Nullsoft Winamp 2.77
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »