Lucene search

[email protected]NVD:CVE-2004-1896

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1896

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.24

Percentile

96.6%

JSON

Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file.

Affected configurations

Nvd

Node

nullsoftwinampMatch2.91

nullsoftwinampMatch3.0

nullsoftwinampMatch3.1

nullsoftwinampMatch5.0.1

nullsoftwinampMatch5.0.2

VendorProductVersionCPE
nullsoftwinamp2.91cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*
nullsoftwinamp3.0cpe:2.3:a:nullsoft:winamp:3.0:*:*:*:*:*:*:*
nullsoftwinamp3.1cpe:2.3:a:nullsoft:winamp:3.1:*:*:*:*:*:*:*
nullsoftwinamp5.0.1cpe:2.3:a:nullsoft:winamp:5.0.1:*:*:*:*:*:*:*
nullsoftwinamp5.0.2cpe:2.3:a:nullsoft:winamp:5.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nullsoft	winamp	2.91	cpe:2.3:a:nullsoft:winamp:2.91:::::::*
nullsoft	winamp	3.0	cpe:2.3:a:nullsoft:winamp:3.0:::::::*
nullsoft	winamp	3.1	cpe:2.3:a:nullsoft:winamp:3.1:::::::*
nullsoft	winamp	5.0.1	cpe:2.3:a:nullsoft:winamp:5.0.1:::::::*
nullsoft	winamp	5.0.2	cpe:2.3:a:nullsoft:winamp:5.0.2:::::::*

References

marc.info/?l=bugtraq&m=108118289208693&w=2

secunia.com/advisories/11285

securitytracker.com/id?1009660

www.nextgenss.com/advisories/winampheap.txt

www.osvdb.org/4944

www.securityfocus.com/bid/10045

exchange.xforce.ibmcloud.com/vulnerabilities/15727

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.24

Percentile

96.6%

JSON

Related for NVD:CVE-2004-1896

checkpoint_advisories1 cvelist1 cve1