CVE-2004-1396

Published: Dec 31, 2004Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:N/A:P

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.

Affected (1)

Products: Nullsoft: Winamp

Nullsoft

1 product

Winamp

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nullsoft Winamp	Version 5.07

References (16)

http://forums.winamp.com/showthread.php?s=&threadid=202007

Source: cve@mitre.org

Exploit

http://marc.info/?l=bugtraq&m=110297310503541&w=2

Source: cve@mitre.org

http://marc.info/?l=full-disclosure&m=110303988101973&w=2

Source: cve@mitre.org

http://securitytracker.com/alerts/2004/Dec/1012525.html

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/372968

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/bid/11909

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/18466

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/18467

Source: cve@mitre.org

http://forums.winamp.com/showthread.php?s=&threadid=202007