Filtered by vendor Nullsoft
Subscriptions
Filtered by product Winamp
Subscriptions
Total
62 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5567 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags. | ||||
| CVE-2007-1921 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other products, allows remote attackers to execute arbitrary code via a crafted .MAT file that contains a value that is used as an offset, which triggers memory corruption. | ||||
| CVE-2007-1922 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5.33 allows remote attackers to execute arbitrary code via a crafted (1) .IT or (2) .S3M file containing integer values that are used as memory offsets, which triggers memory corruption. | ||||
| CVE-2007-2180 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file. | ||||
| CVE-2007-2498 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary code via a certain .MP4 file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-4392 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself. | ||||
| CVE-2008-3441 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| Nullsoft Winamp before 5.24 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. | ||||
| CVE-2008-3567 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags. | ||||
| CVE-2009-0186 | 2 Mega-nerd, Nullsoft | 2 Libsndfile, Winamp | 2025-04-09 | N/A |
| Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow. | ||||
| CVE-2009-0833 | 2 Myplugins, Nullsoft | 2 Gen Msn, Winamp | 2025-04-09 | N/A |
| Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1791 | 2 Mega-nerd, Nullsoft | 2 Libsndfile, Winamp | 2025-04-09 | N/A |
| Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value. | ||||
| CVE-2009-1831 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow. | ||||
| CVE-2009-4356 | 1 Nullsoft | 1 Winamp | 2025-04-09 | N/A |
| Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitrary code via malformed (1) JPEG or (2) PNG data in an MP3 file. | ||||
| CVE-2007-4619 | 3 Flac, Nullsoft, Redhat | 3 Libflac, Winamp, Enterprise Linux | 2025-04-09 | N/A |
| Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow. | ||||
| CVE-2002-0546 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. | ||||
| CVE-2002-0284 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname. | ||||
| CVE-2001-0490 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file. | ||||
| CVE-2002-0547 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag. | ||||
| CVE-2000-0049 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file. | ||||
| CVE-2002-2195 | 1 Nullsoft | 1 Winamp | 2025-04-03 | N/A |
| Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response. | ||||