Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 up to and including 5.08c allows malicious users to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nullsoft winamp 5.06
nullsoft winamp 5.07
nullsoft winamp 5.0
nullsoft winamp 5.01
nullsoft winamp 5.08c
nullsoft winamp 5.04
nullsoft winamp 5.05
nullsoft winamp 5.02
nullsoft winamp 5.03

source: wwwsecurityfocuscom/bid/12381/info A remote buffer overflow vulnerability affects the IN_CDDAdll library of Nullsoft's Winamp This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers It should be noted that this issue is not rela ...

NVD-CWE-Other http://www.nsfocus.com/english/homepage/research/0501.htm http://www.winamp.com/player/version_history.php http://www.securityfocus.com/bid/12381 http://secunia.com/advisories/13781 http://marc.info/?l=bugtraq&m=110684140108614&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18840 https://nvd.nist.gov https://www.exploit-db.com/exploits/25061/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1150

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect