- Description
- Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nullsoft:winamp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92312F29-8D4C-4998-BC4B-C92E72D298D8",
"versionEndIncluding": "5.093"
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.03a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEF39A44-528E-4BE8-A923-FFB53C2378F6"
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.09:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "057B033C-7836-41E0-B184-F9D5DFC42C86"
},
{
"criteria": "cpe:2.3:a:nullsoft:winamp:5.091:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C6A1F15-A3FA-40FB-980A-569F77E1D104"
}
],
"operator": "OR"
}
]
}
]