CVSS: 7.8EPSS: 13%CPEs: 2EXPL: 1CVE-2006-0720 – Winamp 5.12 - '.m3u' Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-0720
23 Feb 2006 — Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file. • https://www.exploit-db.com/exploits/26245 •
CVSS: 9.3EPSS: 16%CPEs: 18EXPL: 1CVE-2006-0708
https://notcve.org/view.php?id=CVE-2006-0708
15 Feb 2006 — Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476. • http://forums.winamp.com/showthread.php?s=&threadid=238648 •
CVSS: 9.8EPSS: 88%CPEs: 1EXPL: 4CVE-2006-0476 – Winamp - Playlist UNC Path Computer Name Overflow
https://notcve.org/view.php?id=CVE-2006-0476
31 Jan 2006 — Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field). • https://www.exploit-db.com/exploits/16531 •
CVSS: 9.8EPSS: 27%CPEs: 1EXPL: 1CVE-2005-3188
https://notcve.org/view.php?id=CVE-2005-3188
31 Dec 2005 — Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476. • http://securityreason.com/securityalert/397 •
CVSS: 9.8EPSS: 7%CPEs: 4EXPL: 3CVE-2005-2310 – NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2310
19 Jul 2005 — Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE. Desbordamiento de búfer en Winamp 5.03a, 5.09 y 5.091 permite que atacantes remotos ejecuten código arbitrario mediante un fichero MP3 con un tag ID3v2 largo. • https://www.exploit-db.com/exploits/25989 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 24%CPEs: 5EXPL: 0CVE-2004-1896
https://notcve.org/view.php?id=CVE-2004-1896
31 Dec 2004 — Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file. • http://marc.info/?l=bugtraq&m=108118289208693&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2004-2384
https://notcve.org/view.php?id=CVE-2004-2384
31 Dec 2004 — NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line. • http://www.securityfocus.com/archive/1/357986 •
CVSS: 9.8EPSS: 6%CPEs: 9EXPL: 2CVE-2004-1150 – NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2004-1150
31 Dec 2004 — Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file. • https://www.exploit-db.com/exploits/25061 •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 1CVE-2004-1396
https://notcve.org/view.php?id=CVE-2004-1396
31 Dec 2004 — Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file. • http://forums.winamp.com/showthread.php?s=&threadid=202007 •
CVSS: 10.0EPSS: 42%CPEs: 6EXPL: 2CVE-2004-1119 – Winamp 5.06 - 'IN_CDDA.dll' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1119
01 Dec 2004 — Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. • https://www.exploit-db.com/exploits/654 •