CVE-2006-0720

Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file...

CVE-2006-0720

Winamp 5.12/5.13 are affected by a stack-based buffer overflow in .m3u handling. The vulnerability stems from an incorrect strncpy call when pausing or stopping playback, leading to a denial of service and potential arbitrary code execution. Public PoCs/exploits exist for Winamp 5.12 (.m3u) and a...

CVE-2006-0720

Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file...

Buffer overflow

Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via 1 an m3u file containing a long URL ending in .wma, 2 a pls file containing a File1 field with a long URL ending in .wma, or 3 an m3u file with a long filename, variants of...

CVE-2006-0708

Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via 1 an m3u file containing a long URL ending in .wma, 2 a pls file containing a File1 field with a long URL ending in .wma, or 3 an m3u file with a long filename, variants of...

CVE-2006-0708

CVE-2006-0708 describes multiple buffer overflows in Nullsoft Winamp 5.13 and earlier that allow remote code execution via crafted playlists (.m3u/.pls) with long URLs or filenames ending in .wma. Connected docs confirm related variants (CVE-2005-3188, CVE-2006-0476) and publicly available exploi...

CVE-2006-0708

Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via 1 an m3u file containing a long URL ending in .wma, 2 a pls file containing a File1 field with a long URL ending in .wma, or 3 an m3u file with a long filename, variants of...

CVE-2005-3188

CVE-2005-3188 corresponds to a buffer overflow in Nullsoft Winamp 5.094, triggered by crafted playlist references in m3u or pls files (long lines ending in .wma). The issue enables remote code execution due to inadequate input sanitization during playlist processing. Relatedly, CVE-2006-0476 cove...

CVE-2005-3188

Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via 1 an m3u file containing a long line ending in .wma or 2 a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476...

Immunity Canvas: VSPLOIT_WINAMP512

Name| vsploitwinamp512 ---|--- CVE| CVE-2006-0476 Exploit Pack| CANVAS Description| Winamp 5.12 .pls overflow Notes| CVE Name: CVE-2006-0476 VENDOR: Nullsoft Repeatability: References: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=377 CVE Url:...

Buffer overflow

Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist pls file with a long file name File1 field...

CVE-2006-0476

Winamp 5.13 and earlier variants (notably 5.12) are affected by buffer-overflow flaws triggered by crafted playlist files (M3U/PLS) containing long URLs/filenames, enabling remote code execution. Connected sources document CVE-2006-0476 and related CVEs (e.g., CVE-2006-0708, CVE-2005-3188) descri...

CVE-2005-3188

Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via 1 an m3u file containing a long line ending in .wma or 2 a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476...

SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow

This module exploits a format string vulnerability in the Nullsoft SHOUTcast server for Windows. The vulnerability is triggered by requesting a file path that contains format string specifiers. This vulnerability was discovered by Tomasz Trojanowski and Damian Put. This module requires Metasploit...

CVE-2004-2384

Affected software: NullSoft Winamp versions around 5.02 and older (Winamp

Nullsoft Winamp < 5.093 Malformed ID3v2 Tag Overflow

Binary data 3069.prm...

CVE-2004-1896

This CVE affects Nullsoft Winamp versions 2.91 through 5.02, with a heap-based overflow in the in_mod.dll parser for Fasttracker 2 (.xm) mods. The vulnerability allows remote code execution via a malformed XM file, caused by a bound-check/heap-overflow condition in the XM/.MOD parsing path. The r...

CVE-2003-1174

Technical details about CVE-2003-1174 are not publicly available in the provided documents. Monitor for updates from official advisories.

CVE-2004-1896

Heap-based buffer overflow in inmod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 .xm mod media file...

CVE-2003-1174

Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via 1 icy-name followed by a long server name or 2 icy-url followed by a long URL...