Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.
Max CVSS
5.0
EPSS Score
0.29%
Published
2003-12-31
Updated
2017-07-11
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters.
Max CVSS
2.1
EPSS Score
0.34%
Published
2003-12-31
Updated
2017-07-11
Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.
Max CVSS
9.3
EPSS Score
3.02%
Published
2003-12-31
Updated
2017-07-11
Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.
Max CVSS
2.1
EPSS Score
0.06%
Published
2003-12-31
Updated
2017-07-11
The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.
Max CVSS
7.5
EPSS Score
1.20%
Published
2003-09-17
Updated
2016-10-18
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.
Max CVSS
7.5
EPSS Score
2.34%
Published
2003-04-02
Updated
2008-09-05
SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.
Max CVSS
2.1
EPSS Score
0.05%
Published
2003-04-22
Updated
2008-09-05
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!