Vulnerabilities > CVE-2007-4392 - Denial-Of-Service vulnerability in Nullsoft Winamp 5.35
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL network
nullsoft
Summary
Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Oval
| accepted | 2014-04-07T04:01:57.625-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself. | ||||||||||||
| family | windows | ||||||||||||
| id | oval:org.mitre.oval:def:15504 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2012-07-20T09:18:28.692-04:00 | ||||||||||||
| title | Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself | ||||||||||||
| version | 8 |
References
- http://morph3us.org/advisories/20070730-winamp-5.35.txt
- http://securityreason.com/securityalert/3040
- http://www.securityfocus.com/archive/1/475161/100/200/threaded
- http://www.securityfocus.com/archive/1/475183/100/200/threaded
- http://www.securityfocus.com/archive/1/475260/100/200/threaded
- http://www.securityfocus.com/archive/1/475489/100/200/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15504