CVSS: 9.8EPSS: 6%CPEs: 9EXPL: 2CVE-2004-1150 – NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2004-1150
31 Dec 2004 — Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file. • https://www.exploit-db.com/exploits/25061 •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 1CVE-2004-1396
https://notcve.org/view.php?id=CVE-2004-1396
31 Dec 2004 — Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file. • http://forums.winamp.com/showthread.php?s=&threadid=202007 •
CVSS: 10.0EPSS: 42%CPEs: 6EXPL: 2CVE-2004-1119 – Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1119
01 Dec 2004 — Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. • https://www.exploit-db.com/exploits/654 •
CVSS: 9.8EPSS: 4%CPEs: 33EXPL: 1CVE-2004-0820 – Winamp 5.04 - '.wsz' Skin File Remote Code Execution
https://notcve.org/view.php?id=CVE-2004-0820
28 Aug 2004 — Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. • https://www.exploit-db.com/exploits/418 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2003-1272
https://notcve.org/view.php?id=CVE-2003-1272
31 Dec 2003 — Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0025.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1273
https://notcve.org/view.php?id=CVE-2003-1273
31 Dec 2003 — Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0025.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1274
https://notcve.org/view.php?id=CVE-2003-1274
31 Dec 2003 — Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux. • http://archives.neohapsis.com/archives/bugtraq/2003-01/0025.html •
CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 1CVE-2003-0765 – NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2003-0765
12 Sep 2003 — The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value. IN_MIDI.DLL plugin 3.01 y versiones anteriores, como es utilizado en Winamp 2.91, permite a atacantes remotos la ejecución de código arbitrario mediante un fichero MIDI con un valor "Track data size" largo. • https://www.exploit-db.com/exploits/23124 •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 2CVE-2002-1524
https://notcve.org/view.php?id=CVE-2002-1524
02 Apr 2003 — Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag. Desbordamiento de búfer en el procesador de XML en wsabi.dll de Winamp 3 (1.0.0.488) permite a atacantes remotos ejecutar código arbitrario mediante un fichero de piel (skin) .wal con una etiqueta de incluir fichero larga. • http://archives.neohapsis.com/archives/bugtraq/2002-09/0346.html •
CVSS: 9.8EPSS: 5%CPEs: 17EXPL: 3CVE-2002-2195 – Nullsoft Winamp 2.80 - Automatic Update Check Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-2195
31 Dec 2002 — Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response. • https://www.exploit-db.com/exploits/21595 •