2439 matches found
CVE-2002-1847
Buffer overflow in mplay32.exe of Microsoft Windows Media Player WMP 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability...
CVE-2002-1177
CVE-2002-1177 maps to multiple buffer overflows in Winamp 3.0, specifically in the Media Library handling of ID3v2 tags. The vulnerability occurs when displaying an MP3 in the Media Library window, where long Artist or Album ID3v2 tags can cause memory corruption, enabling remote code execution. ...
CVE-2002-1177
Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long 1 Artist or 2 Album ID3v2 tag...
CVE-2002-1176
This CVE concerns Winamp 2.81 (and Winamp 3.0) with buffer overflows in ID3v2 tag handling. A long Artist ID3v2 tag in an MP3 can cause a crash or allow remote code execution when loaded, per Foundstone advisory and NVD entry. Winamp 2.81 and Winamp 3.0 contain the overflow in the Artist field of...
Foundstone Research Labs Advisory - Exploitable Windows XP Media Files (fwd)
---------------------------------------------------------------------- Foundstone Research Labs Advisory - FS2002-11 Advisory Name: Exploitable Windows XP Media Files Release Date: December 18, 2002 Application: Windows Explorer Platforms: Windows XP Severity: Remote code execution Vendors:...
GDAM123 0.9330.942 - Filename Buffer Overflow
GDAM123 0.9330.942 - Filename Buffer Overflow // source: https://www.securityfocus.com/bid/5578/info The GDAM123 command-line MP3 player is prone to a buffer overflow condition when handling overly long filenames. Under some circumstances, the player may be installed setuid root to allow...
GDAM123 0.933/0.942 - Filename Buffer Overflow
// source: https://www.securityfocus.com/bid/5578/info The GDAM123 command-line MP3 player is prone to a buffer overflow condition when handling overly long filenames. Under some circumstances, the player may be installed setuid root to allow unprivileged users to run the player if access to...
Multiple bugs in icecast.
It's possible to cause server's DoS and access mp3 files in any directory...
CVE-2002-0546
Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file...
CVE-2002-0337
RealPlayer 8 allows remote attackers to cause a denial of service CPU utilization via malformed .mp3 files...
CVE-2002-0337
The CVE-2002-0337 entry concerns RealPlayer 8 and a denial-of-service condition triggered by processing malformed MP3 files. The vulnerability allows a remote attacker to induce high CPU usage, leading to service disruption. Affected software is RealPlayer 8; the exact component/file and root cau...
CVE-2002-0337
RealPlayer 8 allows remote attackers to cause a denial of service CPU utilization via malformed .mp3 files...
Mp3 file can execute code in Winamp [Sandblad advisory #5]
Sandblad advisory 5 - ---..---..---..---..---..---..---..---..---..---..---..---..---- Title: Mp3 file can execute code in Winamp. Date: 2002-04-26 Software: Nullsoft Winamp 2.79 Rating: High because mp3 files are widely trusted as safe. Impact: Specially crafted mp3 file can execute arbitrary...
Buffer overflow in Winamp
Buffer overflow on MP3 ID3v2 tag processing...
CVE-2002-0177
Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client...
CVE-2002-0177
Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client...
DoS против Real Player
100 использование процессора при неправильном формате mp3-файла...
CVE-2000-0412
CVE-2000-0412 affects the Napster-era clients (gnapster/knapster). The vulnerability allows a remote attacker to read arbitrary files on the client by specifying full pathnames, due to improper restriction to MP3 files. The NVD entry assigns a CVSSv2 base score of 7.5 (HIGH) with network attack v...
CVE-2000-0412
The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file...