VYPR

Nullsoft Winamp

by Winamp

CVEs (3)

  • CVE-2008-0065Jan 22, 2008
    risk 0.08cvss epss 0.61

    Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles.

  • CVE-2006-5567Oct 27, 2006
    risk 0.04cvss epss 0.13

    Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags.

  • CVE-2007-6403Dec 17, 2007
    risk 0.03cvss epss 0.03

    Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim…