Vulnerability Details CVE-2002-2392
Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.5%
CVSS Severity
CVSS v2 Score 6.4
References
Products affected by CVE-2002-2392
-
cpe:2.3:a:nullsoft:winamp:2.65
-
cpe:2.3:a:nullsoft:winamp:2.70
-
cpe:2.3:a:nullsoft:winamp:2.71
-
cpe:2.3:a:nullsoft:winamp:2.72
-
cpe:2.3:a:nullsoft:winamp:2.73
-
cpe:2.3:a:nullsoft:winamp:2.74
-
cpe:2.3:a:nullsoft:winamp:2.75
-
cpe:2.3:a:nullsoft:winamp:2.76
-
cpe:2.3:a:nullsoft:winamp:2.77
-
cpe:2.3:a:nullsoft:winamp:2.78
-
cpe:2.3:a:nullsoft:winamp:2.79
-
cpe:2.3:a:nullsoft:winamp:2.80
-
cpe:2.3:a:nullsoft:winamp:3.1