Vulnerability Details CVE-2004-1396
Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 85.0%
CVSS Severity
CVSS v2 Score 2.6
References
- http://forums.winamp.com/showthread.php?s=&threadid=202007
- http://marc.info/?l=bugtraq&m=110297310503541&w=2
- http://marc.info/?l=full-disclosure&m=110303988101973&w=2
- http://securitytracker.com/alerts/2004/Dec/1012525.html
- http://www.kb.cert.org/vuls/id/372968
- http://www.securityfocus.com/bid/11909
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18466
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18467
- http://forums.winamp.com/showthread.php?s=&threadid=202007
- http://marc.info/?l=bugtraq&m=110297310503541&w=2
- http://marc.info/?l=full-disclosure&m=110303988101973&w=2
- http://securitytracker.com/alerts/2004/Dec/1012525.html
- http://www.kb.cert.org/vuls/id/372968
- http://www.securityfocus.com/bid/11909
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18466
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18467