CVSS: 9.8EPSS: 6%CPEs: 9EXPL: 3CVE-2004-1150 – NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2004-1150
31 Dec 2004 — Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file. NSFocus Security Team has found a buffer overflow vulnerability in the plug-in by which WinAMP plays CD. An attacker can construct a malicious playlist file that is embedded in a HTML page. If a user is persuaded to click it, then the attacker can gain complete c... • https://packetstorm.news/files/id/35943 •
CVSS: 10.0EPSS: 52%CPEs: 6EXPL: 2CVE-2004-1119 – Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1119
01 Dec 2004 — Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. • https://www.exploit-db.com/exploits/654 •