Vulnerabilities > Nullsoft > Winamp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1274 | Denial-Of-Service vulnerability in Nullsoft Winamp 3.0 Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux. | 5.0 |
| 2002-12-31 | CVE-2002-2392 | Unspecified vulnerability in Nullsoft Winamp Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code. | 6.4 |
| 2002-12-31 | CVE-2002-2195 | Buffer Overflow vulnerability in Nullsoft Winamp Automatic Update Check Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response. | 5.0 |