Vulnerability Details CVE-2004-0820
Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.4%
CVSS Severity
CVSS v2 Score 4.6
References
- http://secunia.com/advisories/12381/
- http://www.auscert.org.au/render.html?it=4338
- http://www.frsirt.com/exploits/08252004.skinhead.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17124
- http://secunia.com/advisories/12381/
- http://www.auscert.org.au/render.html?it=4338
- http://www.frsirt.com/exploits/08252004.skinhead.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17124
Products affected by CVE-2004-0820
-
cpe:2.3:a:nullsoft:winamp:2.10
-
cpe:2.3:a:nullsoft:winamp:2.24
-
cpe:2.3:a:nullsoft:winamp:2.4
-
cpe:2.3:a:nullsoft:winamp:2.50
-
cpe:2.3:a:nullsoft:winamp:2.5e
-
cpe:2.3:a:nullsoft:winamp:2.60
-
cpe:2.3:a:nullsoft:winamp:2.61
-
cpe:2.3:a:nullsoft:winamp:2.62
-
cpe:2.3:a:nullsoft:winamp:2.64
-
cpe:2.3:a:nullsoft:winamp:2.65
-
cpe:2.3:a:nullsoft:winamp:2.70
-
cpe:2.3:a:nullsoft:winamp:2.71
-
cpe:2.3:a:nullsoft:winamp:2.72
-
cpe:2.3:a:nullsoft:winamp:2.73
-
cpe:2.3:a:nullsoft:winamp:2.74
-
cpe:2.3:a:nullsoft:winamp:2.75
-
cpe:2.3:a:nullsoft:winamp:2.76
-
cpe:2.3:a:nullsoft:winamp:2.77
-
cpe:2.3:a:nullsoft:winamp:2.78
-
cpe:2.3:a:nullsoft:winamp:2.79
-
cpe:2.3:a:nullsoft:winamp:2.80
-
cpe:2.3:a:nullsoft:winamp:2.81
-
cpe:2.3:a:nullsoft:winamp:2.91
-
cpe:2.3:a:nullsoft:winamp:3.0
-
cpe:2.3:a:nullsoft:winamp:3.1
-
cpe:2.3:a:nullsoft:winamp:5.01
-
cpe:2.3:a:nullsoft:winamp:5.02
-
cpe:2.3:a:nullsoft:winamp:5.03
-
cpe:2.3:a:nullsoft:winamp:5.04