CVSS: 9.3EPSS: 23%CPEs: 1EXPL: 0CVE-2007-1922
https://notcve.org/view.php?id=CVE-2007-1922
The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption. Los módulos Impulse Tracker (IT) y ScreamTracker 3 (S3M) en IN_MOD.DLL de AOL Nullsoft Winamp 5.33 permite a atacantes remotos ejecutar código de su elección mediante ficheros artesanales (1) .IT o (2) .S3M que contienen valores de enteros que son usados como delimitadores (offsets) de memoria, lo cual provoca una corrupción de memoria. • http://marc.info/?l=dailydave&m=117589949000906&w=2 http://marc.info/?l=dailydave&m=117590046601511&w=2 http://osvdb.org/34430 http://osvdb.org/34431 http://securityreason.com/securityalert/2532 http://www.piotrbania.com/all/adv/nullsoft-winamp-it_module-in_mod-adv.txt http://www.piotrbania.com/all/adv/nullsoft-winamp-s3m_module-in_mod-adv.txt http://www.securityfocus.com/archive/1/464890/100/0/threaded http://www.securityfocus.com/archive/1/464893/100/0/threade • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 9%CPEs: 1EXPL: 0CVE-2007-1921
https://notcve.org/view.php?id=CVE-2007-1921
LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other products, allows remote attackers to execute arbitrary code via a crafted .MAT file that contains a value that is used as an offset, which triggers memory corruption. La biblioteca LIBSNDFILE.DLL, tal como es utilizado por AOL Nullsoft Winamp versión 5.33 y posiblemente otros productos, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo .MAT creado que contiene un valor que es usado como un offset, lo que desencadena una corrupción de memoria. • http://marc.info/?l=dailydave&m=117589848432659&w=2 http://osvdb.org/34432 http://secunia.com/advisories/24766 http://securityreason.com/securityalert/2541 http://www.piotrbania.com/all/adv/nullsoft-winamp-libsndfile-adv.txt http://www.securityfocus.com/archive/1/464889/100/0/threaded http://www.securityfocus.com/bid/23351 http://www.securitytracker.com/id?1017886 http://www.vupen.com/english/advisories/2007/1286 https://exchange.xforce.ibmcloud.com/vulnerabilities/33481 •
CVSS: 9.3EPSS: 89%CPEs: 30EXPL: 1CVE-2006-3228 – Winamp 5.21 - '.Midi' File Header Handling Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2006-3228
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file. Desbordamiento de búfer en in_midi.dll para WinAmp v2.90 hasta v5.23, incluyendo v5.21, permite a atacantes remotos ejecutar código de su elección a través de un fichero manipulado .mi (MIDI). • https://www.exploit-db.com/exploits/1935 http://forums.winamp.com/showthread.php?threadid=248100 http://secunia.com/advisories/20722 http://www.attrition.org/pipermail/vim/2006-June/000892.html http://www.attrition.org/pipermail/vim/2006-June/000893.html http://www.winamp.com/about/article.php?aid=10694 •
CVSS: 9.3EPSS: 10%CPEs: 18EXPL: 1CVE-2006-0708
https://notcve.org/view.php?id=CVE-2006-0708
Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476. • http://forums.winamp.com/showthread.php?s=&threadid=238648 http://securityreason.com/securityalert/444 http://securityreason.com/securityalert/492 http://securitytracker.com/id?1015621 http://www.securityfocus.com/archive/1/424903/100/0/threaded http://www.securityfocus.com/bid/16623 http://www.vupen.com/english/advisories/2006/0613 https://exchange.xforce.ibmcloud.com/vulnerabilities/24739 https://exchange.xforce.ibmcloud.com/vulnerabilities/24740 https://exchange.xforce.ibmcloud.com/vulnerabilities •
CVSS: 9.3EPSS: 94%CPEs: 4EXPL: 3CVE-2005-2310 – NullSoft Winamp 5.0 - Malformed ID3v2 Tag Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2310
Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE. Desbordamiento de búfer en Winamp 5.03a, 5.09 y 5.091 permite que atacantes remotos ejecuten código arbitrario mediante un fichero MP3 con un tag ID3v2 largo. • https://www.exploit-db.com/exploits/25989 http://secunia.com/advisories/16077 http://security.lss.hr/index.php?page=details&ID=LSS-2005-07-14 http://securitytracker.com/id?1014483 http://www.osvdb.org/17897 http://www.securityfocus.com/bid/14276 http://www.vupen.com/english/advisories/2005/1106 http://www.winamp.com/player/version_history.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •