7.6

CVE-2006-0720

Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
NullsoftWinamp Version5.12
NullsoftWinamp Version5.13
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.31% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.6 4.9 10
AV:N/AC:H/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://exchange.xforce.ibmcloud.com/vulnerabilities/24740
http://forums.winamp.com/showthread.php?threadid=238648
http://securityreason.com/securityalert/476
http://securitytracker.com/id?1015675
Patch
http://www.nsfocus.com/english/homepage/research/0601.htm
http://www.securityfocus.com/archive/1/425888/100/0/threaded
http://www.securityfocus.com/bid/16785
Patch