Lucene search
HistoryFeb 23, 2006 - 9:02 p.m.
CVE-2006-0720
cve-2006-0720
buffer overflow
nullsoft winamp
denial of service
arbitrary code
vulnerability
8 High
AI Score
Confidence
High
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.6%
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nullsoft:winamp | nullsoft winamp | eq | 5.12 |
| nullsoft:winamp | nullsoft winamp | eq | 5.13 |
References
Related
prion
prion
Stack overflow
2006-02-23 21:02:00
exploitpack
exploitpack
Winamp 5.12 - .m3u Local Stack Buffer Overflow
2013-06-17 00:00:00
packetstorm
packetstorm
Winamp 5.12 Buffer Overflow
2013-06-16 00:00:00
securityvulns
securityvulns
NSFOCUS SA2006-01 : Winamp m3u File Processing Buffer Overflow Vulnerability
2006-02-24 00:00:00
seebug
seebug
Winamp 5.12 (.m3u) - Stack Based Buffer Overflow
2014-07-01 00:00:00
exploitdb
exploitdb
Winamp 5.12 - '.m3u' Local Stack Buffer Overflow
2013-06-17 00:00:00
nessus
nessus
Winamp < 5.2 Multiple Vulnerabilities
2006-02-25 00:00:00
8 High
AI Score
Confidence
High
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.6%
Related for CVE-2006-0720