CVE-2002-0284

Published: May 31, 2002Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:P/I:N/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.

Affected (2)

Products: Nullsoft: Winamp

Nullsoft

1 product

Winamp

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Nullsoft Winamp	Version 2.77
Nullsoft Winamp	Version 2.78

References (2)

http://marc.info/?l=bugtraq&m=101408781031527&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=101408781031527&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.