CVE-2002-0547 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Winamp

2 documents2 sources

Severity

7.5HIGHNVD

EPSS

1.7%

top 17.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nullsoft Winamp

Timeline

PublishedJul 3

Latest updateApr 30

Description

Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDnullsoft/winamp2.79

Patches

Patch: www.iss.net ↗Patch: www.securityfocus.com ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-6rf3-jjwc-2qhm: Buffer overflow in the mini-browser for Winamp 2↗2022-04-30

▶