Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Winamp Subscribe
Filtered by product Nullsoft Winamp
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-6403 1 Winamp 1 Nullsoft Winamp 2018-10-15 6.8 MEDIUM N/A
Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certain menu option at the time of the attack.
CVE-2008-0065 1 Winamp 1 Nullsoft Winamp 2017-08-07 10.0 HIGH N/A
Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles.