Vulnerability Details CVE-2002-0547
Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0373.html
- http://www.iss.net/security_center/static/8946.php
- http://www.securityfocus.com/bid/4609
- http://www.winamp.com/download/newfeatures.jhtml
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0373.html
- http://www.iss.net/security_center/static/8946.php
- http://www.securityfocus.com/bid/4609
- http://www.winamp.com/download/newfeatures.jhtml
Products affected by CVE-2002-0547
-
cpe:2.3:a:nullsoft:winamp:0.20a
-
cpe:2.3:a:nullsoft:winamp:0.92
-
cpe:2.3:a:nullsoft:winamp:1.006
-
cpe:2.3:a:nullsoft:winamp:1.90
-
cpe:2.3:a:nullsoft:winamp:2.0
-
cpe:2.3:a:nullsoft:winamp:2.10
-
cpe:2.3:a:nullsoft:winamp:2.6
-
cpe:2.3:a:nullsoft:winamp:2.9