CVE-2006-0476

Severity

76%

Complexity

49%

Confidentiality

165%

Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).

Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).

CVSS 2.0 Base Score 7.6. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C).

Overview

First reported 19 years ago

2006-01-31 11:03:00

Last updated 6 years ago

2018-10-19 15:45:00

Affected Software

Nullsoft Winamp 5.12

5.12

References

18649

Patch, Vendor Advisory

386

398

1015552

http://www.heise.de/newsticker/meldung/68981

VU#604745

US Government Resource

22789

20060130 Winamp 5.12 - 0day exploit - code execution through playlist

20060131 Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist

16410

TA06-032A

US Government Resource

ADV-2006-0361

http://www.winamp.com/player/version_history.php

winamp-playlist-filename-bo(24361)

oval:org.mitre.oval:def:1402

3422

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.