Lucene search

[email protected]NVD:CVE-2006-3228

HistoryJun 26, 2006 - 8:05 p.m.

CVE-2006-3228

2006-06-2620:05:00

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.897

Percentile

98.8%

JSON

Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.

Affected configurations

Nvd

Node

nullsoftwinampRange≤5.23

nullsoftwinampMatch2.90

nullsoftwinampMatch2.91

nullsoftwinampMatch2.95

nullsoftwinampMatch3.0

nullsoftwinampMatch3.1

nullsoftwinampMatch5.0

nullsoftwinampMatch5.0.1

nullsoftwinampMatch5.0.2

nullsoftwinampMatch5.01

nullsoftwinampMatch5.1

nullsoftwinampMatch5.02

nullsoftwinampMatch5.2

nullsoftwinampMatch5.03

nullsoftwinampMatch5.03a

nullsoftwinampMatch5.04

nullsoftwinampMatch5.05

nullsoftwinampMatch5.06

nullsoftwinampMatch5.07

nullsoftwinampMatch5.08c

nullsoftwinampMatch5.08d

nullsoftwinampMatch5.08e

nullsoftwinampMatch5.09

nullsoftwinampMatch5.11

nullsoftwinampMatch5.12

nullsoftwinampMatch5.13

nullsoftwinampMatch5.21

nullsoftwinampMatch5.091

nullsoftwinampMatch5.093

nullsoftwinampMatch5.094

VendorProductVersionCPE
nullsoftwinamp*cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*
nullsoftwinamp2.90cpe:2.3:a:nullsoft:winamp:2.90:*:*:*:*:*:*:*
nullsoftwinamp2.91cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*
nullsoftwinamp2.95cpe:2.3:a:nullsoft:winamp:2.95:*:*:*:*:*:*:*
nullsoftwinamp3.0cpe:2.3:a:nullsoft:winamp:3.0:*:*:*:*:*:*:*
nullsoftwinamp3.1cpe:2.3:a:nullsoft:winamp:3.1:*:*:*:*:*:*:*
nullsoftwinamp5.0cpe:2.3:a:nullsoft:winamp:5.0:*:*:*:*:*:*:*
nullsoftwinamp5.0.1cpe:2.3:a:nullsoft:winamp:5.0.1:*:*:*:*:*:*:*
nullsoftwinamp5.0.2cpe:2.3:a:nullsoft:winamp:5.0.2:*:*:*:*:*:*:*
nullsoftwinamp5.01cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nullsoft	winamp	*	cpe:2.3:a:nullsoft:winamp::::::::
nullsoft	winamp	2.90	cpe:2.3:a:nullsoft:winamp:2.90:::::::*
nullsoft	winamp	2.91	cpe:2.3:a:nullsoft:winamp:2.91:::::::*
nullsoft	winamp	2.95	cpe:2.3:a:nullsoft:winamp:2.95:::::::*
nullsoft	winamp	3.0	cpe:2.3:a:nullsoft:winamp:3.0:::::::*
nullsoft	winamp	3.1	cpe:2.3:a:nullsoft:winamp:3.1:::::::*
nullsoft	winamp	5.0	cpe:2.3:a:nullsoft:winamp:5.0:::::::*
nullsoft	winamp	5.0.1	cpe:2.3:a:nullsoft:winamp:5.0.1:::::::*
nullsoft	winamp	5.0.2	cpe:2.3:a:nullsoft:winamp:5.0.2:::::::*
nullsoft	winamp	5.01	cpe:2.3:a:nullsoft:winamp:5.01:::::::*

Rows per page:

1-10 of 301

References

forums.winamp.com/showthread.php?threadid=248100

secunia.com/advisories/20722

www.attrition.org/pipermail/vim/2006-June/000892.html

www.attrition.org/pipermail/vim/2006-June/000893.html

www.winamp.com/about/article.php?aid=10694

www.exploit-db.com/exploits/1935

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.897

Percentile

98.8%

JSON

Related for NVD:CVE-2006-3228

cvelist1 exploitdb1 checkpoint_advisories1 nessus2 cve1