CVE-2006-0720
published 2006-02-23CVE-2006-0720: Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary…
PriorityP336high7.6CVSS 2.0
AVNACHAuNCCICAC
EXPLOIT
EPSS
10.30%
95.1th percentile
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://forums.winamp.com/showthread.php?threadid=238648http://securityreason.com/securityalert/476http://securitytracker.com/id?1015675http://www.nsfocus.com/english/homepage/research/0601.htmhttp://www.securityfocus.com/archive/1/425888/100/0/threadedhttp://www.securityfocus.com/bid/16785https://exchange.xforce.ibmcloud.com/vulnerabilities/24740http://forums.winamp.com/showthread.php?threadid=238648http://securityreason.com/securityalert/476http://securitytracker.com/id?1015675http://www.nsfocus.com/english/homepage/research/0601.htmhttp://www.securityfocus.com/archive/1/425888/100/0/threadedhttp://www.securityfocus.com/bid/16785https://exchange.xforce.ibmcloud.com/vulnerabilities/24740
2006-02-23
Published