Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2412
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
Nullsoft Winamp 2.80
NA
CVE-2007-4392
Winamp 5.35 allows remote malicious users to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
Nullsoft Winamp 5.35
NA
CVE-2006-0476
Buffer overflow in Nullsoft Winamp 5.12 allows remote malicious users to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
Nullsoft Winamp 5.12
4 EDB exploits
1 Github repository
NA
CVE-2004-2384
NullSoft Winamp 5.02 allows remote malicious users to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line.
Nullsoft Winamp 5.02
NA
CVE-2010-3137
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, ...
Nullsoft Winamp 5.581
1 EDB exploit
NA
CVE-2007-2180
Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote malicious users to cause a denial of service (crash) via a crafted WMV file.
Nullsoft Winamp 5.3
1 EDB exploit
NA
CVE-2007-6403
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote malicious users to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the vict...
Winamp Nullsoft Winamp 5.32
1 EDB exploit
NA
CVE-2002-1470
SHOUTcast 1.8.9 and previous versions allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.
Nullsoft Shoutcast Server 1.8.9
NA
CVE-2004-1373
Format string vulnerability in SHOUTcast 1.9.4 allows remote malicious users to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
Nullsoft Shoutcast Server 1.9.4
3 EDB exploits
NA
CVE-2003-1174
Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.
Nullsoft Shoutcast Server 1.9.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »