Winamp Security Vulnerabilities and Issues — Winamp CVE List

Lucene search

NullsoftWinamp

6 matches found

CVE•added 2010/12/02 4:22 p.m.•38 views

CVE-2010-4373

The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (1) metadata or (2) albumart in an invalid MP4 file.

4.3CVSS6.7AI score0.005EPSS

CVE•added 2014/05/23 2:55 p.m.•36 views

CVE-2014-3442

Winamp 5.666 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) via a malformed .FLV file, related to f263.w5s.

4.3CVSS7AI score0.11551EPSS

CVE•added 2007/08/17 10:17 p.m.•34 views

CVE-2007-4392

Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.

4.3CVSS7.1AI score0.01068EPSS

CVE•added 2004/09/02 4:0 a.m.•32 views

CVE-2004-0820

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.

4.6CVSS7.2AI score0.04296EPSS

CVE•added 2008/08/10 8:41 p.m.•32 views

CVE-2008-3567

Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags.

4.3CVSS5.7AI score0.00578EPSS

CVE•added 2010/12/02 4:22 p.m.•32 views

CVE-2010-4374

The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via a Matroska Video (MKV) file containing a string with a crafted length.

4.3CVSS6.6AI score0.005EPSS