Vulnerabilities > Nullsoft > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-01 | CVE-2015-9267 | Improper Privilege Management vulnerability in multiple products Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. | 3.6 |
| 2004-12-31 | CVE-2004-1396 | Remote Denial Of Service vulnerability in Nullsoft Winamp 5.07 Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file. | 2.6 |
| 2003-12-31 | CVE-2003-1174 | Unspecified vulnerability in Nullsoft Shoutcast Server 1.9.2 Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | 2.1 |
| 2003-12-31 | CVE-2003-1273 | Denial Of Service vulnerability in Nullsoft Winamp 3.0 Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. | 2.1 |
| 2003-04-22 | CVE-2002-1470 | Information Disclosure vulnerability in Nullsoft Shoutcast Server 1.8.9 SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file. | 2.1 |
| 2002-12-31 | CVE-2002-2412 | Credentials Management vulnerability in Nullsoft Winamp 2.80 Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts. | 2.1 |
| 2002-05-31 | CVE-2002-0284 | Remote Security vulnerability in Nullsoft Winamp 2.77/2.78 Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname. | 2.6 |