Winamp Nullsoft Winamp vulnerabilities
2 known vulnerabilities affecting winamp/nullsoft_winamp.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-0065CRITICALCVSS 10.0PoCv5.5v5.21+1 more2008-01-22
CVE-2008-0065 [CRITICAL] CWE-119 CVE-2008-0065: Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attac
Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles.
nvd
CVE-2007-6403MEDIUMCVSS 6.8PoCv5.322007-12-17
CVE-2007-6403 [MEDIUM] CVE-2007-6403: Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certain menu option at the time of the attack.
nvd