CVSS: 9.3EPSS: 10%CPEs: 10EXPL: 2CVE-2007-2498 – Winamp 5.34 - '.mp4' Code Execution
https://notcve.org/view.php?id=CVE-2007-2498
libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary code via a certain .MP4 file. NOTE: some of these details are obtained from third party information. libmp4v2.dll de Winamp 5.02 hasta 5.34 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un fichero .MP4 concreto. NOTA: algunos de estos detalles se han obtenido de información de terceros. • https://www.exploit-db.com/exploits/3823 http://secunia.com/advisories/25089 http://securitytracker.com/id?1017993 http://www.securityfocus.com/bid/23723 http://www.vupen.com/english/advisories/2007/1594 https://exchange.xforce.ibmcloud.com/vulnerabilities/34030 •
CVSS: 7.1EPSS: 1%CPEs: 1EXPL: 2CVE-2007-2180 – Winamp 5.3 - '.wmv' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-2180
Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file. Desbordamiento de búfer en Nullsoft Winamp 5.3 permite a atacantes con la intervención del usuario provocar denegación de servicio (caida) a través de ficheros WMV. • https://www.exploit-db.com/exploits/3768 http://securityreason.com/securityalert/2601 http://www.securityfocus.com/archive/1/466291/100/0/threaded http://www.securityfocus.com/bid/23568 https://exchange.xforce.ibmcloud.com/vulnerabilities/33764 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15697 •
CVSS: 9.3EPSS: 50%CPEs: 2EXPL: 1CVE-2006-5567 – NullSoft Winamp 5.3 - Ultravox-Max-Msg Heap Overflow Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2006-5567
Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags. Múltiples desbordamientos de búfer basado en montón en AOL Nullsoft WinAmp anterior a 5.31 permite a un atacante remoto con la intervención del usuario ejecutar código de su elección a través de una cabecera manipulada (1)ultravox-max-msg a el manejador de protocolo Ultravox o (2) etiquetas no especificadas Lyrics3. • https://www.exploit-db.com/exploits/2708 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=431 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=432 http://secunia.com/advisories/22580 http://securitytracker.com/id?1017119 http://securitytracker.com/id?1017120 http://www.kb.cert.org/vuls/id/449092 http://www.securityfocus.com/bid/20744 http://www.vupen.com/english/advisories/2006/4196 http://www.winamp.com/player/version_history.php#5.31 h •
CVSS: 9.3EPSS: 89%CPEs: 30EXPL: 1CVE-2006-3228 – Winamp 5.21 - '.Midi' File Header Handling Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-3228
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file. Desbordamiento de búfer en in_midi.dll para WinAmp v2.90 hasta v5.23, incluyendo v5.21, permite a atacantes remotos ejecutar código de su elección a través de un fichero manipulado .mi (MIDI). • https://www.exploit-db.com/exploits/1935 http://forums.winamp.com/showthread.php?threadid=248100 http://secunia.com/advisories/20722 http://www.attrition.org/pipermail/vim/2006-June/000892.html http://www.attrition.org/pipermail/vim/2006-June/000893.html http://www.winamp.com/about/article.php?aid=10694 •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 1CVE-2006-0720 – Winamp 5.12 - '.m3u' Local Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-0720
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file. • https://www.exploit-db.com/exploits/26245 http://forums.winamp.com/showthread.php?threadid=238648 http://securityreason.com/securityalert/476 http://securitytracker.com/id?1015675 http://www.nsfocus.com/english/homepage/research/0601.htm http://www.securityfocus.com/archive/1/425888/100/0/threaded http://www.securityfocus.com/bid/16785 https://exchange.xforce.ibmcloud.com/vulnerabilities/24740 •