Page 6 of 31 results (0.004 seconds)

CVSS: 4.6EPSS: 23%CPEs: 33EXPL: 1

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file. • https://www.exploit-db.com/exploits/418 http://secunia.com/advisories/12381 http://www.auscert.org.au/render.html?it=4338 http://www.frsirt.com/exploits/08252004.skinhead.php https://exchange.xforce.ibmcloud.com/vulnerabilities/17124 •

CVSS: 6.4EPSS: 0%CPEs: 13EXPL: 1

Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code. • http://seclists.org/bugtraq/2002/Jul/0205.html http://www.iss.net/security_center/static/9630.php http://www.securityfocus.com/bid/5266 •

CVSS: 5.0EPSS: 2%CPEs: 17EXPL: 3

Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response. • https://www.exploit-db.com/exploits/21595 http://online.securityfocus.com/archive/1/280786 http://www.iss.net/security_center/static/9488.php http://www.securityfocus.com/bid/5170 •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1

Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. Vulnerabilidad de secuencias de comandos en sitios cruzados en la zona de navegación de Winamp 2.78 y 2.79 permite a atacantes remotos la ejecución de código mediante etiquetas ID3v1 o ID3v2 en un fichero MP3. • http://archives.neohapsis.com/archives/bugtraq/2002-04/0026.html http://archives.neohapsis.com/archives/bugtraq/2002-04/0049.html http://www.iss.net/security_center/static/8753.php http://www.securityfocus.com/bid/4414 •

CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0

Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag. Desbordamiento de búfer en la zona de navegación de Winamp 2.79 y versiones anteriores, permite a atacantes remotos causar una Denegación de Servicios (caída) y posiblemente la ejecución arbitraria de código mediante una cadena larga de caracteres en el campo title de una etiqueta ID3v2. • http://archives.neohapsis.com/archives/bugtraq/2002-04/0373.html http://www.iss.net/security_center/static/8946.php http://www.securityfocus.com/bid/4609 http://www.winamp.com/download/newfeatures.jhtml •