Nullsoft

nullsoft

76 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Shoutcast Server

shoutcast_server

Nullsoft Scriptable Install System

nullsoft_scriptable_install_system

CVEs (76)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2002-1524 1Nullsoft 1Winamp Apr 16, 2026 Apr 2, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.
CVE-2002-2412 1Nullsoft 1Winamp Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 2.1 LOW· v2 Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
CVE-2002-2392 1Nullsoft 1Winamp Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code.
CVE-2002-2195 1Nullsoft 1Winamp Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
CVE-2002-1177 1Nullsoft 1Winamp Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.
CVE-2002-1176 1Nullsoft 1Winamp Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist ID3v2 tag in an MP3 file.
CVE-2002-0907 1Nullsoft 1Shoutcast Server Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".
CVE-2002-0547 1Nullsoft 1Winamp Apr 16, 2026 Jul 3, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field of an ID3v2 tag.
CVE-2002-0546 1Nullsoft 1Winamp Apr 16, 2026 Jul 3, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file.
CVE-2002-0284 1Nullsoft 1Winamp Apr 16, 2026 May 31, 2002 N/A· v4 N/A· v3 2.6 LOW· v2 Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers...Show more Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.Show less
CVE-2002-0199 1Nullsoft 1Shoutcast Server Apr 16, 2026 May 16, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an argument with a large number of backslashes.
CVE-2001-1304 1Nullsoft 1Shoutcast Server Apr 16, 2026 Aug 3, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header.
CVE-2001-0490 1Nullsoft 1Winamp Apr 16, 2026 Jun 27, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.
CVE-2000-0624 1Nullsoft 1Winamp Apr 16, 2026 Jul 20, 2000 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Winamp 2.64 and earlier allows remote attackers to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist.
CVE-2000-0049 1Nullsoft 1Winamp Apr 16, 2026 Jan 4, 2000 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
CVE-1999-1561 1Nullsoft 1Shoutcast Server Apr 16, 2026 Aug 20, 1999 N/A· v4 N/A· v3 7.2 HIGH· v2 Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.

Previous 1 2 34