VYPR

Vendor CVEs

Winamp

All CVEs

54 total · sorted by risk
  • CVE-2002-2392Dec 31, 2002
    risk 0.00cvss epss 0.03

    Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code.

  • CVE-2002-1177Dec 26, 2002
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.

  • CVE-2002-0547Jul 3, 2002
    risk 0.00cvss epss 0.03

    Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.

  • CVE-2002-0284May 31, 2002
    risk 0.00cvss epss 0.01

    Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.

Page 2 of 2