CVE-2008-3567
published 2008-08-10CVE-2008-3567: Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting…
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.88%
76.8th percentile
Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags.
Affected
72 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nullsoft | winamp | <= 5.54 | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
| nullsoft | winamp | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://blog.watchfire.com/wfblog/2008/09/winamp-nowplayi.htmlhttp://forums.winamp.com/showthread.php?threadid=295505http://secunia.com/advisories/31371http://www.securityfocus.com/bid/30539https://exchange.xforce.ibmcloud.com/vulnerabilities/44207https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15716http://blog.watchfire.com/wfblog/2008/09/winamp-nowplayi.htmlhttp://forums.winamp.com/showthread.php?threadid=295505http://secunia.com/advisories/31371http://www.securityfocus.com/bid/30539https://exchange.xforce.ibmcloud.com/vulnerabilities/44207https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15716
2008-08-10
Published