Vulnerabilities > Nullsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-06-26 | CVE-2006-3228 | Remote Security vulnerability in Winamp Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file. | 9.3 |
| 2006-06-13 | CVE-2006-3007 | HTML Injection vulnerability in Nullsoft SHOUTcast Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ. network nullsoft | 4.3 |
| 2006-02-23 | CVE-2006-0720 | Buffer Overflow vulnerability in Nullsoft Winamp M3U File Processing Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file. | 7.6 |
| 2006-02-15 | CVE-2006-0708 | Denial of Service vulnerability in Nullsoft Winamp M3U File Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476. | 9.3 |
| 2006-01-31 | CVE-2006-0476 | Remote Buffer Overflow vulnerability in Nullsoft Winamp 5.12 Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field). | 7.6 |
| 2005-12-31 | CVE-2005-3188 | Remote Buffer Overflow vulnerability in Nullsoft Winamp 5.094 Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476. | 7.6 |
| 2005-07-19 | CVE-2005-2310 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nullsoft Winamp Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE. | 9.3 |
| 2005-01-10 | CVE-2004-1119 | Remote Buffer Overflow vulnerability in Nullsoft Winamp Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. | 10.0 |
| 2004-12-31 | CVE-2004-2384 | Denial of Service vulnerability in Nullsoft Winamp 5.02 NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line. | 5.0 |
| 2004-12-31 | CVE-2004-1896 | Heap Overflow vulnerability in NullSoft Winamp in_mod.dll Plug-in Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file. | 7.6 |