Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0476

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2006-0476
Last Modified 07 Mar 2011 09:30:08
Published 31 Jan 2006 06:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-0476

Summary

Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).

Vulnerable Systems

Application

  • Nullsoft Winamp 5.12


References

CERT - TA06-032A

CERT-VN - VU#604745

SECUNIA - 18649

XF - winamp-playlist-filename-bo(24361)

MISC - http://www.winamp.com/player/version_history.php

VUPEN - ADV-2006-0361

BID - 16410

BUGTRAQ - 20060131 Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist

BUGTRAQ - 20060130 Winamp 5.12 - 0day exploit - code execution through playlist

OSVDB - 22789

MISC - http://www.heise.de/newsticker/meldung/68981

SECTRACK - 1015552

MILW0RM - 3422

SREASON - 398

SREASON - 386

MILW0RM - 1458

XF - winamp-playlist-computername-bo(24361)


Last Updated: 27 May 2016 10:39:19