CVE-2007-4392

Published: Aug 17, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.

Affected (1)

Products: Nullsoft: Winamp

Nullsoft

1 product

Winamp

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nullsoft Winamp	Version 5.35

References (14)

http://morph3us.org/advisories/20070730-winamp-5.35.txt

Source: cve@mitre.org

http://securityreason.com/securityalert/3040

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/475161/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/475183/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/475260/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/475489/100/200/threaded

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15504

Source: cve@mitre.org

http://morph3us.org/advisories/20070730-winamp-5.35.txt