Page 6 of 29 results (0.006 seconds)

CVSS: 4.6EPSS: 23%CPEs: 33EXPL: 1

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. • https://www.exploit-db.com/exploits/418 http://secunia.com/advisories/12381 http://www.auscert.org.au/render.html?it=4338 http://www.frsirt.com/exploits/08252004.skinhead.php https://exchange.xforce.ibmcloud.com/vulnerabilities/17124 •

CVSS: 6.4EPSS: 0%CPEs: 13EXPL: 1

Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code. • http://seclists.org/bugtraq/2002/Jul/0205.html http://www.iss.net/security_center/static/9630.php http://www.securityfocus.com/bid/5266 •

CVSS: 5.0EPSS: 2%CPEs: 17EXPL: 3

Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response. • https://www.exploit-db.com/exploits/21595 http://online.securityfocus.com/archive/1/280786 http://www.iss.net/security_center/static/9488.php http://www.securityfocus.com/bid/5170 •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag. Desbordamiento de búfer en la zona de navegación de Winamp 2.79 y versiones anteriores, permite a atacantes remotos causar una Denegación de Servicios (caída) y posiblemente la ejecución arbitraria de código mediante una cadena larga de caracteres en el campo title de una etiqueta ID3v2. • http://archives.neohapsis.com/archives/bugtraq/2002-04/0373.html http://www.iss.net/security_center/static/8946.php http://www.securityfocus.com/bid/4609 http://www.winamp.com/download/newfeatures.jhtml •