Lucene search

MitreCVE-2004-1396

HistoryFeb 12, 2005 - 5:00 a.m.

CVE-2004-1396

2005-02-1205:00:00

mitre

web.nvd.nist.gov

winamp

cve-2004-1396

denial of service

remote attackers

security vulnerability

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.9

Confidence

High

EPSS

0.01

Percentile

83.9%

JSON

Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.

Affected configurations

Nvd

Node

nullsoftwinampMatch5.07

VendorProductVersionCPE
nullsoftwinamp5.07cpe:2.3:a:nullsoft:winamp:5.07:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nullsoft	winamp	5.07	cpe:2.3:a:nullsoft:winamp:5.07:::::::*

References

forums.winamp.com/showthread.php?s=&threadid=202007

marc.info/?l=bugtraq&m=110297310503541&w=2

marc.info/?l=full-disclosure&m=110303988101973&w=2

securitytracker.com/alerts/2004/Dec/1012525.html

www.kb.cert.org/vuls/id/372968

www.securityfocus.com/bid/11909

exchange.xforce.ibmcloud.com/vulnerabilities/18466

exchange.xforce.ibmcloud.com/vulnerabilities/18467

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.9

Confidence

High

EPSS

0.01

Percentile

83.9%

JSON

Related for CVE-2004-1396