CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0546

Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://archives.neohapsis.com/archives/bugtraq/2002-04/0026.html
http://archives.neohapsis.com/archives/bugtraq/2002-04/0049.html
http://www.iss.net/security_center/static/8753.php
http://www.securityfocus.com/bid/4414
http://archives.neohapsis.com/archives/bugtraq/2002-04/0026.html
http://archives.neohapsis.com/archives/bugtraq/2002-04/0049.html
http://www.iss.net/security_center/static/8753.php
http://www.securityfocus.com/bid/4414

Products affected by CVE-2002-0546

Nullsoft » Winamp » Version: 2.78

cpe:2.3:a:nullsoft:winamp:2.78
Nullsoft » Winamp » Version: 2.79

cpe:2.3:a:nullsoft:winamp:2.79

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0546

Products

Pricing

Contact Us