CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
89.5%
Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
Vendor | Product | Version | CPE |
---|---|---|---|
nullsoft | winamp | 2.60 | cpe:2.3:a:nullsoft:winamp:2.60:*:lite:*:*:*:*:* |
nullsoft | winamp | 2.61 | cpe:2.3:a:nullsoft:winamp:2.61:*:full:*:*:*:*:* |
nullsoft | winamp | 2.62 | cpe:2.3:a:nullsoft:winamp:2.62:*:standard:*:*:*:*:* |
nullsoft | winamp | 2.64 | cpe:2.3:a:nullsoft:winamp:2.64:*:standard:*:*:*:*:* |
nullsoft | winamp | 2.65 | cpe:2.3:a:nullsoft:winamp:2.65:*:*:*:*:*:*:* |
nullsoft | winamp | 2.70 | cpe:2.3:a:nullsoft:winamp:2.70:*:*:*:*:*:*:* |
nullsoft | winamp | 2.70 | cpe:2.3:a:nullsoft:winamp:2.70:*:full:*:*:*:*:* |
nullsoft | winamp | 2.71 | cpe:2.3:a:nullsoft:winamp:2.71:*:*:*:*:*:*:* |
nullsoft | winamp | 2.72 | cpe:2.3:a:nullsoft:winamp:2.72:*:*:*:*:*:*:* |
nullsoft | winamp | 2.73 | cpe:2.3:a:nullsoft:winamp:2.73:*:*:*:*:*:*:* |