Lucene search

[email protected]CVE-2004-1396

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1396

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

winamp

cve-2004-1396

denial of service

remote attackers

security vulnerability

7.1 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON

Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.

CPENameOperatorVersion
nullsoft:winampnullsoft winampeq5.07

CPE	Name	Operator	Version
nullsoft:winamp	nullsoft winamp	eq	5.07

References

forums.winamp.com/showthread.php?s=&threadid=202007

marc.info/?l=bugtraq&m=110297310503541&w=2

marc.info/?l=full-disclosure&m=110303988101973&w=2

securitytracker.com/alerts/2004/Dec/1012525.html

www.kb.cert.org/vuls/id/372968

www.securityfocus.com/bid/11909

exchange.xforce.ibmcloud.com/vulnerabilities/18466

exchange.xforce.ibmcloud.com/vulnerabilities/18467

7.1 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

83.7%

JSON

Related for CVE-2004-1396

nessus1