Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
winamp vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-0546
Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote malicious users to execute script via an ID3v1 or ID3v2 tag in an MP3 file.
Nullsoft Winamp 2.79
Nullsoft Winamp 2.78
935
VMScore
CVE-2006-5567
Multiple heap-based buffer overflows in AOL Nullsoft WinAmp prior to 5.31 allow user-assisted remote malicious users to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags.
Nullsoft Winamp 5.24
Nullsoft Winamp 5.3
1 EDB exploit
231
VMScore
CVE-2002-0284
Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.
Nullsoft Winamp 2.77
Nullsoft Winamp 2.78
755
VMScore
CVE-2001-0490
Buffer overflow in WINAMP 2.6x and 2.7x allows malicious users to execute arbitrary code via a long string in an AIP file.
Nullsoft Winamp 2.7x
Nullsoft Winamp 2.6x
1 EDB exploit
765
VMScore
CVE-2006-0720
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the fi...
Nullsoft Winamp 5.12
Nullsoft Winamp 5.13
1 EDB exploit
725
VMScore
CVE-2000-0049
Buffer overflow in Winamp client allows remote malicious users to execute commands via a long entry in a .pls file.
Nullsoft Winamp 2.0
Nullsoft Winamp 2.10
1 EDB exploit
312
VMScore
CVE-2006-6513
The CControl::Download function (/dl URI) in Winamp Web Interface (Wawi) 7.5.13 and previous versions allows remote authenticated users to download arbitrary file types under the root via a trailing "." (dot) in a filename in the file parameter, related to erroneous beh...
Flippet.org Winamp Web Interface
Flippet.org Winamp Web Interface 7.5.11
Flippet.org Winamp Web Interface 7.5.9
383
VMScore
CVE-2006-6547
Buffer overflow in the readAA function in read_aa.cpp in Winamp iPod Plugin (ml_ipod) 2.00 p19 and previous versions allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a long tag in an audible.com audiobook (aa) file.
Mlipod Winamp Ipod Plugin 2.00
Mlipod Winamp Ipod Plugin 2.00 P19
755
VMScore
CVE-2000-0624
Buffer overflow in Winamp 2.64 and previous versions allows remote malicious users to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist.
Nullsoft Winamp
1 EDB exploit
668
VMScore
CVE-2008-3441
Nullsoft Winamp prior to 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Nullsoft Winamp
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »