Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
winamp vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2002-2412
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
Nullsoft Winamp 2.80
4.3
CVSSv2
CVE-2007-4392
Winamp 5.35 allows remote malicious users to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
Nullsoft Winamp 5.35
7.6
CVSSv2
CVE-2005-3188
Buffer overflow in Nullsoft Winamp 5.094 allows remote malicious users to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476.
Nullsoft Winamp 5.094
5
CVSSv2
CVE-2004-2384
NullSoft Winamp 5.02 allows remote malicious users to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line.
Nullsoft Winamp 5.02
9.3
CVSSv2
CVE-2003-1272
Multiple buffer overflows in Winamp 3.0 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.
Nullsoft Winamp 3.0
5
CVSSv2
CVE-2003-1274
Winamp 3.0 allows remote malicious users to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.
Nullsoft Winamp 3.0
9.3
CVSSv2
CVE-2010-3137
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, ...
Nullsoft Winamp 5.581
1 EDB exploit
7.1
CVSSv2
CVE-2007-2180
Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote malicious users to cause a denial of service (crash) via a crafted WMV file.
Nullsoft Winamp 5.3
1 EDB exploit
3.5
CVSSv2
CVE-2006-6512
Directory traversal vulnerability in the Browse function (/browse URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to list arbitrary directories via URL encoded backslashes ("%2F") in the path parameter.
Flippet.org Winamp Web Interface
4.3
CVSSv2
CVE-2017-16951
Winamp Pro 5.66 Build 3512 allows remote malicious users to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file.
Audiovalley Winamp Pro 5.66
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »