CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2412

Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.8%

CVSS Severity

CVSS v2 Score 2.1

References

http://online.securityfocus.com/archive/1/273257
http://www.iss.net/security_center/static/9114.php
http://www.securityfocus.com/bid/4781
http://online.securityfocus.com/archive/1/273257
http://www.iss.net/security_center/static/9114.php
http://www.securityfocus.com/bid/4781

Products affected by CVE-2002-2412

Nullsoft » Winamp » Version: 2.80

cpe:2.3:a:nullsoft:winamp:2.80

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2412

Products

Pricing

Contact Us