CVE-2002-2195

Nullsoft Winamp - Buffer Overflow

Title source: rule

Description

Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · cremotewindows

https://www.exploit-db.com/exploits/21595

View Code ZIP pw:eip

References (3)

[Exploit] http://www.iss.net/security_center/static/9488.php

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/280786

[Exploit, Patch] http://www.securityfocus.com/bid/5170

Scores

EPSS 0.2062

EPSS Percentile 95.6%

Details

Status published

Products (15)

nullsoft/winamp 2.60

nullsoft/winamp 2.61

nullsoft/winamp 2.62

nullsoft/winamp 2.64

nullsoft/winamp 2.65

nullsoft/winamp 2.70 (2 CPE variants)

nullsoft/winamp 2.71

nullsoft/winamp 2.72

nullsoft/winamp 2.73 (2 CPE variants)

nullsoft/winamp 2.74

... and 5 more

Published Dec 31, 2002

Tracked Since Feb 18, 2026