Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nullsoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1273
Winamp 3.0 allows remote malicious users to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters.
Nullsoft Winamp 3.0
NA
CVE-2003-1274
Winamp 3.0 allows remote malicious users to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.
Nullsoft Winamp 3.0
NA
CVE-2010-3137
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, ...
Nullsoft Winamp 5.581
1 EDB exploit
NA
CVE-2006-0476
Buffer overflow in Nullsoft Winamp 5.12 allows remote malicious users to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
Nullsoft Winamp 5.12
4 EDB exploits
1 Github repository
NA
CVE-2004-1396
Winamp 5.07 and possibly other versions, allows remote malicious users to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.
Nullsoft Winamp 5.07
NA
CVE-2004-2384
NullSoft Winamp 5.02 allows remote malicious users to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line.
Nullsoft Winamp 5.02
NA
CVE-1999-1561
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.
Nullsoft Shoutcast Server 1.9.7
NA
CVE-2002-0907
Buffer overflow in SHOUTcast 1.8.9 and other versions prior to 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".
Nullsoft Shoutcast Server 1.8.9
1 EDB exploit
NA
CVE-2002-1470
SHOUTcast 1.8.9 and previous versions allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.
Nullsoft Shoutcast Server 1.8.9
NA
CVE-2007-6403
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote malicious users to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the vict...
Winamp Nullsoft Winamp 5.32
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »