CVSS: 4.3EPSS: 0%CPEs: 72EXPL: 0CVE-2008-3567
https://notcve.org/view.php?id=CVE-2008-3567
Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags. Una vulnerabilidad de tipo cross-zone scripting en la función NowPlaying en NullSoft Winamp anterior a versión 5.541, permite a los atacantes remotos conducir ataques de tipo cross-site scripting (XSS) por medio de un archivo MP3 con JavaScript en etiquetas id3. • http://blog.watchfire.com/wfblog/2008/09/winamp-nowplayi.html http://forums.winamp.com/showthread.php?threadid=295505 http://secunia.com/advisories/31371 http://www.securityfocus.com/bid/30539 https://exchange.xforce.ibmcloud.com/vulnerabilities/44207 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15716 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3441
https://notcve.org/view.php?id=CVE-2008-3441
Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. Nullsoft Winamp anterior a 5.24 no verifica adecuadamente la autenticidad de las actualizaciones, lo cual permite a atacantes de tipo 'hombre en el medio' (man-in-the-middle) ejecutar código de su elección a través de la actualización de un Caballo de Troya, como se demuestra por el grado de daño y el envenenamiento de la caché DNS. • http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html http://securitytracker.com/id?1020582 http://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf http://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15225 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 44%CPEs: 2EXPL: 0CVE-2007-4619 – FLAC Integer overflows
https://notcve.org/view.php?id=CVE-2007-4619
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow. Múltiples desbordamientos de entero en Free Lossless Audio Codec (FLAC) libFLAC versiones anteriores a 1.2.1, como se usan Winamp versiones anteriores a 5.5 y otros productos, permiten a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un fichero FLAC malformado que dispara una ubicación de memoria inapropiada, resultando en un desbordamiento de búfer basado en montículo. • http://bugzilla.redhat.com/show_bug.cgi?id=331991 http://flac.sourceforge.net/changelog.html#flac_1_2_1 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://secunia.com/advisories/27210 http://secunia.com/advisories/27223 http://secunia.com/advisories/27355 http://secunia.com/advisories/27399 http://secunia.com/advisories/27507 http://secunia.com/advisories/27601 http://secunia. • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 89%CPEs: 30EXPL: 1CVE-2006-3228 – Winamp 5.21 - '.Midi' File Header Handling Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-3228
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file. Desbordamiento de búfer en in_midi.dll para WinAmp v2.90 hasta v5.23, incluyendo v5.21, permite a atacantes remotos ejecutar código de su elección a través de un fichero manipulado .mi (MIDI). • https://www.exploit-db.com/exploits/1935 http://forums.winamp.com/showthread.php?threadid=248100 http://secunia.com/advisories/20722 http://www.attrition.org/pipermail/vim/2006-June/000892.html http://www.attrition.org/pipermail/vim/2006-June/000893.html http://www.winamp.com/about/article.php?aid=10694 •
CVSS: 9.3EPSS: 94%CPEs: 4EXPL: 3CVE-2005-2310 – NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2310
Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE. Desbordamiento de búfer en Winamp 5.03a, 5.09 y 5.091 permite que atacantes remotos ejecuten código arbitrario mediante un fichero MP3 con un tag ID3v2 largo. • https://www.exploit-db.com/exploits/25989 http://secunia.com/advisories/16077 http://security.lss.hr/index.php?page=details&ID=LSS-2005-07-14 http://securitytracker.com/id?1014483 http://www.osvdb.org/17897 http://www.securityfocus.com/bid/14276 http://www.vupen.com/english/advisories/2005/1106 http://www.winamp.com/player/version_history.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •