CVE-2004-2384 — Winamp vulnerability

2 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

1.1%

top 21.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nullsoft Winamp

Timeline

PublishedDec 31

Latest updateApr 29

Description

NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDnullsoft/winamp5.02

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-4r2c-8h46-hvf9: NullSoft Winamp 5↗2022-04-29

▶