Vulnerabilities > Nullsoft > Winamp > 5.581

DATE CVE VULNERABILITY TITLE RISK
2010-12-02 CVE-2010-4370 Numeric Errors vulnerability in Nullsoft Winamp
Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted MIDI file that triggers a buffer overflow.
network
nullsoft CWE-189
critical
 9.3
9.3
2010-12-02 CVE-2010-2586 Numeric Errors vulnerability in Nullsoft Winamp
Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NSV file that triggers a heap-based buffer overflow.
network
nullsoft CWE-189
critical
 9.3
9.3
2010-11-06 CVE-2010-1523 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nullsoft Winamp
Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow remote attackers to execute arbitrary code via a crafted VP6 (1) video file or (2) video stream.
network
nullsoft CWE-119
critical
 9.3
9.3
2010-08-26 CVE-2010-3137 Unspecified vulnerability in Nullsoft Winamp 5.581
Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wnaspi32.dll that is located in the same folder as a .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf or .cda file.
network
nullsoft
critical
 9.3
9.3