Lucene search
HistoryDec 02, 2010 - 4:22 p.m.
CVE-2010-4372
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.109
Percentile
95.1%
Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586.
Affected configurations
Node
nullsoftwinampRange≤5.581
ORnullsoftwinampMatch0.20a
ORnullsoftwinampMatch0.92
ORnullsoftwinampMatch1.006
ORnullsoftwinampMatch1.90
ORnullsoftwinampMatch2.0
ORnullsoftwinampMatch2.6
ORnullsoftwinampMatch2.9
ORnullsoftwinampMatch2.10
ORnullsoftwinampMatch2.91
ORnullsoftwinampMatch2.92
ORnullsoftwinampMatch2.95
ORnullsoftwinampMatch5.0
ORnullsoftwinampMatch5.01
ORnullsoftwinampMatch5.1-surround
ORnullsoftwinampMatch5.02
ORnullsoftwinampMatch5.2
ORnullsoftwinampMatch5.3
ORnullsoftwinampMatch5.03
ORnullsoftwinampMatch5.04
ORnullsoftwinampMatch5.05
ORnullsoftwinampMatch5.5
ORnullsoftwinampMatch5.06
ORnullsoftwinampMatch5.07
ORnullsoftwinampMatch5.08c
ORnullsoftwinampMatch5.08d
ORnullsoftwinampMatch5.08e
ORnullsoftwinampMatch5.09
ORnullsoftwinampMatch5.11
ORnullsoftwinampMatch5.12
ORnullsoftwinampMatch5.13
ORnullsoftwinampMatch5.21
ORnullsoftwinampMatch5.22
ORnullsoftwinampMatch5.23
ORnullsoftwinampMatch5.24
ORnullsoftwinampMatch5.31
ORnullsoftwinampMatch5.32
ORnullsoftwinampMatch5.33
ORnullsoftwinampMatch5.34
ORnullsoftwinampMatch5.35
ORnullsoftwinampMatch5.51
ORnullsoftwinampMatch5.52
ORnullsoftwinampMatch5.53
ORnullsoftwinampMatch5.54
ORnullsoftwinampMatch5.55
ORnullsoftwinampMatch5.56
ORnullsoftwinampMatch5.58
ORnullsoftwinampMatch5.091
ORnullsoftwinampMatch5.093
ORnullsoftwinampMatch5.094
ORnullsoftwinampMatch5.111
ORnullsoftwinampMatch5.112
ORnullsoftwinampMatch5.531
ORnullsoftwinampMatch5.541
ORnullsoftwinampMatch5.551
ORnullsoftwinampMatch5.552
ORnullsoftwinampMatch5.572
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nullsoft | winamp | * | cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:* |
| nullsoft | winamp | 0.20a | cpe:2.3:a:nullsoft:winamp:0.20a:*:*:*:*:*:*:* |
| nullsoft | winamp | 0.92 | cpe:2.3:a:nullsoft:winamp:0.92:*:*:*:*:*:*:* |
| nullsoft | winamp | 1.006 | cpe:2.3:a:nullsoft:winamp:1.006:*:*:*:*:*:*:* |
| nullsoft | winamp | 1.90 | cpe:2.3:a:nullsoft:winamp:1.90:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.0 | cpe:2.3:a:nullsoft:winamp:2.0:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.6 | cpe:2.3:a:nullsoft:winamp:2.6:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.9 | cpe:2.3:a:nullsoft:winamp:2.9:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.10 | cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:* |
| nullsoft | winamp | 2.91 | cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2010-4372
2010-12-02 16:00:00
CVE-2010-2586
2010-12-02 16:00:00
prion
prion
Integer overflow
2010-12-02 16:22:00
Integer overflow
2010-12-02 16:22:00
cve
cve
CVE-2010-4372
2010-12-02 16:22:22
CVE-2010-2586
2010-12-02 16:22:20
securityvulns
securityvulns
Secunia Research: Winamp NSV Table of Contents Parsing Integer Overflow
2010-12-01 00:00:00
WinAmp integer overflow
2010-12-22 00:00:00
nvd
nvd
CVE-2010-2586
2010-12-02 16:22:20
nessus
nessus
Winamp < 5.60 Multiple Vulnerabilities
2010-10-27 00:00:00
Winamp < 5.6 Multiple Vulnerabilities
2010-11-30 00:00:00
openvas
openvas
Winamp Multiple Vulnerabilities
2010-12-09 00:00:00
Winamp Multiple Vulnerabilities
2010-12-09 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.109
Percentile
95.1%
Related for NVD:CVE-2010-4372