Winamp@5.572 Security Vulnerabilities and Issues — Winamp@5.572 CVE List

Lucene search

NullsoftWinamp5.572

13 matches found

CVE•added 2011/12/16 7:55 p.m.•155 views

CVE-2011-3834

Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow.

9.3CVSS7.7AI score0.07192EPSS

CVE•added 2014/04/16 10:55 p.m.•50 views

CVE-2013-4694

Stack-based buffer overflow in gen_jumpex.dll in Winamp before 5.64 Build 3418 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a package with a long Skin directory name. NOTE: a second buffer overflow involving a long GUI Search field to ml_local...

7.5CVSS8AI score0.52531EPSS

CVE•added 2012/07/11 10:26 a.m.•46 views

CVE-2012-3890

The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a .IT file.

6.8CVSS7.7AI score0.00666EPSS

CVE•added 2010/11/06 12:0 a.m.•44 views

CVE-2010-1523

Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote attackers to execute arbitrary code via a crafted VP6 (1) video file or (2) video stream.

9.3CVSS7.7AI score0.03461EPSS

CVE•added 2010/12/02 4:22 p.m.•44 views

CVE-2010-2586

Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.

9.3CVSS7.7AI score0.11189EPSS

CVE•added 2010/12/02 4:22 p.m.•41 views

CVE-2010-4371

Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.

9.3CVSS7AI score0.08312EPSS

CVE•added 2012/07/11 10:26 a.m.•40 views

CVE-2012-3889

The in_mod plugin in Winamp before 5.63 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a .IT file.

6.8CVSS7.7AI score0.00666EPSS

CVE•added 2010/12/02 4:22 p.m.•38 views

CVE-2010-4373

The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (1) metadata or (2) albumart in an invalid MP4 file.

4.3CVSS6.7AI score0.005EPSS

CVE•added 2014/05/23 2:55 p.m.•36 views

CVE-2014-3442

Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.

4.3CVSS7AI score0.11551EPSS

CVE•added 2010/12/02 4:22 p.m.•32 views

CVE-2010-4374

The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length.

4.3CVSS6.6AI score0.005EPSS

CVE•added 2010/12/02 4:22 p.m.•31 views

CVE-2010-4372

Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vulnerability than CVE-2010-2586.

9.3CVSS7AI score0.11189EPSS

CVE•added 2010/12/02 4:22 p.m.•29 views

CVE-2010-4370

Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted MIDI file that triggers a buffer overflow.

9.3CVSS7.7AI score0.06539EPSS

CVE•added 2011/12/16 7:55 p.m.•28 views

CVE-2011-4857

Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information.

10CVSS8.2AI score0.12802EPSS