CVSS: 7.6EPSS: 24%CPEs: 5EXPL: 0CVE-2004-1896
https://notcve.org/view.php?id=CVE-2004-1896
Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file. • http://marc.info/?l=bugtraq&m=108118289208693&w=2 http://secunia.com/advisories/11285 http://securitytracker.com/id?1009660 http://www.nextgenss.com/advisories/winampheap.txt http://www.osvdb.org/4944 http://www.securityfocus.com/bid/10045 https://exchange.xforce.ibmcloud.com/vulnerabilities/15727 •
CVSS: 5.1EPSS: 0%CPEs: 9EXPL: 2CVE-2004-1150 – NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2004-1150
Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file. • https://www.exploit-db.com/exploits/25061 http://marc.info/?l=bugtraq&m=110684140108614&w=2 http://secunia.com/advisories/13781 http://www.nsfocus.com/english/homepage/research/0501.htm http://www.securityfocus.com/bid/12381 http://www.winamp.com/player/version_history.php https://exchange.xforce.ibmcloud.com/vulnerabilities/18840 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2004-2384
https://notcve.org/view.php?id=CVE-2004-2384
NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line. • http://www.securityfocus.com/archive/1/357986 http://www.securityfocus.com/archive/1/358097 http://www.securityfocus.com/bid/9920 https://exchange.xforce.ibmcloud.com/vulnerabilities/15541 •
CVSS: 2.6EPSS: 1%CPEs: 1EXPL: 1CVE-2004-1396
https://notcve.org/view.php?id=CVE-2004-1396
Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file. • http://forums.winamp.com/showthread.php?s=&threadid=202007 http://marc.info/?l=bugtraq&m=110297310503541&w=2 http://marc.info/?l=full-disclosure&m=110303988101973&w=2 http://securitytracker.com/alerts/2004/Dec/1012525.html http://www.kb.cert.org/vuls/id/372968 http://www.securityfocus.com/bid/11909 https://exchange.xforce.ibmcloud.com/vulnerabilities/18466 https://exchange.xforce.ibmcloud.com/vulnerabilities/18467 •
CVSS: 10.0EPSS: 88%CPEs: 6EXPL: 2CVE-2004-1119 – Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1119
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. • https://www.exploit-db.com/exploits/654 http://archives.neohapsis.com/archives/bugtraq/2004-11/0369.html http://marc.info/?l=bugtraq&m=110123330404482&w=2 http://marc.info/?l=bugtraq&m=110146036300803&w=2 http://marc.info/?l=ntbugtraq&m=110126352412395&w=2 http://marc.info/?l=ntbugtraq&m=110135574326217&w=2 http://secunia.com/advisories/13269 http://www.kb.cert.org/vuls/id/986504 http://www.security-assessment.com/Papers/Winamp_IN_CDDA_Buffer_Overflow.pdf http& •