Nullsoft

Winamp

61 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2014-3442

Exploit
  • EPSS 11.55%
  • Veröffentlicht 23.05.2014 14:55:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.

7.5

CVE-2013-4694

Exploit
  • EPSS 48.45%
  • Veröffentlicht 16.04.2014 22:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer over...

7.5

CVE-2012-4045

  • EPSS 3.56%
  • Veröffentlicht 22.07.2012 17:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple heap-based buffer overflows in bmp.w5s in Winamp before 5.63 build 3235 allow remote attackers to execute arbitrary code via the (1) strf chunk in BI_RGB or (2) UYVY video data in an AVI file, or (3) decompressed TechSmith Screen Capture Cod...

6.8

CVE-2012-3890

  • EPSS 0.67%
  • Veröffentlicht 11.07.2012 10:26:11
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.

6.8

CVE-2012-3889

  • EPSS 0.67%
  • Veröffentlicht 11.07.2012 10:26:11
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.

10

CVE-2011-4857

  • EPSS 9.24%
  • Veröffentlicht 16.12.2011 19:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party inf...

9.3

CVE-2011-3834

  • EPSS 6.37%
  • Veröffentlicht 16.12.2011 19:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-b...

4.3

CVE-2010-4374

  • EPSS 0.5%
  • Veröffentlicht 02.12.2010 16:22:22
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length.

4.3

CVE-2010-4373

  • EPSS 0.5%
  • Veröffentlicht 02.12.2010 16:22:22
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (1) metadata or (2) albumart in an invalid MP4 file.

9.3

CVE-2010-4372

  • EPSS 0.99%
  • Veröffentlicht 02.12.2010 16:22:22
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586.