Nullsoft

Winamp

61 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2007-1922

  • EPSS 15.64%
  • Veröffentlicht 10.04.2007 23:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, w...

9.3

CVE-2007-1921

  • EPSS 15.1%
  • Veröffentlicht 10.04.2007 23:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other products, allows remote attackers to execute arbitrary code via a crafted .MAT file that contains a value that is used as an offset, which triggers memory corruption.

9.3

CVE-2006-5567

  • EPSS 37.45%
  • Veröffentlicht 27.10.2006 16:07:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags.

9.3

CVE-2006-3228

  • EPSS 9.1%
  • Veröffentlicht 26.06.2006 20:05:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.

7.6

CVE-2006-0720

  • EPSS 13.91%
  • Veröffentlicht 23.02.2006 21:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the playe...

9.3

CVE-2006-0708

Exploit
  • EPSS 16.22%
  • Veröffentlicht 15.02.2006 11:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an...

7.6

CVE-2006-0476

  • EPSS 88.57%
  • Veröffentlicht 31.01.2006 11:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).

7.6

CVE-2005-3188

Exploit
  • EPSS 27.05%
  • Veröffentlicht 31.12.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-20...

9.3

CVE-2005-2310

Exploit
  • EPSS 7.72%
  • Veröffentlicht 19.07.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.

10

CVE-2004-1119

Exploit
  • EPSS 52.16%
  • Veröffentlicht 10.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.