Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0284

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2002-0284
Last Modified 05 Sep 2008 04:27:38
Published 31 May 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2002-0284

Summary

Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.

Vulnerable Systems

Application

  • Nullsoft Winamp 2.77

  • Nullsoft Winamp 2.78


References

BUGTRAQ - 20020215 winamp and wma Song Licenses


Last Updated: 27 May 2016 10:36:52