Nullsoft : Security Vulnerabilities, CVEs, Published In 2003
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.
Max CVSS
5.0
EPSS Score
0.29%
Published
2003-12-31
Updated
2017-07-11
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters.
Max CVSS
2.1
EPSS Score
0.34%
Published
2003-12-31
Updated
2017-07-11
Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.
Max CVSS
9.3
EPSS Score
3.02%
Published
2003-12-31
Updated
2017-07-11
Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.
Max CVSS
2.1
EPSS Score
0.06%
Published
2003-12-31
Updated
2017-07-11
The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.
Max CVSS
7.5
EPSS Score
1.20%
Published
2003-09-17
Updated
2016-10-18
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.
Max CVSS
7.5
EPSS Score
2.34%
Published
2003-04-02
Updated
2008-09-05
SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.
Max CVSS
2.1
EPSS Score
0.05%
Published
2003-04-22
Updated
2008-09-05
7 vulnerabilities found