NullsoftCVEs & Vulnerabilities

76 CVEs affecting Nullsoft products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

winamp 1,536shoutcast server 22nullsoft scriptable install system 3shoutcast dsp 2
CVE-2004-1396LOW

Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.

31 Dec 2004
2.6
CVSS
CVE-2004-1896HIGH

Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file.

31 Dec 2004
7.6
CVSS
CVE-2004-2384MEDIUM

NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line.

31 Dec 2004
5.0
CVSS
CVE-2004-1150MEDIUMpoc

Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file.

31 Dec 2004
5.1
CVSS
CVE-2004-1373HIGHpoc

Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.

23 Dec 2004
7.5
CVSS
CVE-2004-0820MEDIUMpoc

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.

28 Aug 2004
4.6
CVSS
CVE-2003-1272CRITICAL

Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.

31 Dec 2003
9.3
CVSS
CVE-2003-1273LOW

Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters.

31 Dec 2003
2.1
CVSS
CVE-2003-1274MEDIUM

Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux.

31 Dec 2003
5.0
CVSS
CVE-2003-1174LOWpoc

Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.

31 Dec 2003
2.1
CVSS
CVE-2003-0765HIGHpoc

The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.

17 Sep 2003
7.5
CVSS
CVE-2002-1470LOW

SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a GET request to port 8001, which causes the password to be logged in the world-readable sc_serv.log file.

22 Apr 2003
2.1
CVSS
CVE-2002-1524HIGH

Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.

2 Apr 2003
7.5
CVSS
CVE-2002-2392MEDIUM

Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code.

31 Dec 2002
6.4
CVSS
CVE-2002-2412LOW

Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.

31 Dec 2002
2.1
CVSS
CVE-2002-2195MEDIUMpoc

Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.

31 Dec 2002
5.0
CVSS
CVE-2002-1176HIGH

Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file.

26 Dec 2002
7.5
CVSS
CVE-2002-1177HIGH

Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.

26 Dec 2002
7.5
CVSS
CVE-2002-0907HIGHpoc

Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".

4 Oct 2002
7.5
CVSS
CVE-2002-0546HIGH

Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.

3 Jul 2002
7.5
CVSS
CVE-2002-0547HIGH

Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.

3 Jul 2002
7.5
CVSS
CVE-2002-0284LOW

Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.

31 May 2002
2.6
CVSS
CVE-2002-0199HIGH

Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes.

16 May 2002
7.5
CVSS
CVE-2001-1304MEDIUM

Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header.

3 Aug 2001
5.0
CVSS
CVE-2001-0490HIGHpoc

Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.

27 Jun 2001
7.5
CVSS
CVE-2000-0624HIGHpoc

Buffer overflow in Winamp 2.64 and earlier allows remote attackers to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist.

20 Jul 2000
7.5
CVSS
CVE-2000-0049HIGHpoc

Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.

4 Jan 2000
7.2
CVSS
CVE-1999-1561HIGH

Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.

20 Aug 1999
7.2
CVSS
← PrevPage 2 / 2Next →
Nullsoft CVEs & Vulnerabilities — 76 Tracked — Page 2