CVE-2006-0708

Published: Feb 15, 2006Modified: Apr 16, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476.

Affected (18)

Products: Nullsoft: Winamp

1 product

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Nullsoft Winamp	Version 5.01
Nullsoft Winamp	Version 5.02
Nullsoft Winamp	Version 5.03
Nullsoft Winamp	Version 5.04
Nullsoft Winamp	Version 5.05
Nullsoft Winamp	Version 5.06
Nullsoft Winamp	Version 5.07
Nullsoft Winamp	Version 5.08c
Nullsoft Winamp	Version 5.08d
Nullsoft Winamp	Version 5.08e
Nullsoft Winamp	Version 5.091
Nullsoft Winamp	Version 5.093
Nullsoft Winamp	Version 5.094
Nullsoft Winamp	Version 5.09
Nullsoft Winamp	Version 5.0
Nullsoft Winamp	Version 5.11
Nullsoft Winamp	Version 5.12
Nullsoft Winamp	Version 5.13

References (20)

http://forums.winamp.com/showthread.php?s=&threadid=238648

Source: cve@mitre.org

http://securityreason.com/securityalert/444

Source: cve@mitre.org

http://securityreason.com/securityalert/492

Source: cve@mitre.org

http://securitytracker.com/id?1015621

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/424903/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16623

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0613

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24739

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24740

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24741

Source: cve@mitre.org

http://forums.winamp.com/showthread.php?s=&threadid=238648

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/444

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/492

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015621

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/archive/1/424903/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/16623

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/0613

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24739

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24740

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24741

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.