Lucene search

[email protected]CVE-2002-1177

HistoryDec 26, 2002 - 5:00 a.m.

CVE-2002-1177

2002-12-2605:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

winamp

buffer overflow

remote code execution

id3v2

mp3

security vulnerability

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.8%

JSON

Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.

CPENameOperatorVersion
nullsoft:winampnullsoft winampeq3.0

CPE	Name	Operator	Version
nullsoft:winamp	nullsoft winamp	eq	3.0

References

marc.info/?l=bugtraq&m=104025874209567&w=2

www.securityfocus.com/bid/6429

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.024 Low

EPSS

Percentile

89.8%

JSON

Related for CVE-2002-1177

securityvulns1