CVE-2004-1119

Nullsoft Winamp - Buffer Overflow

Title source: rule

Description

Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by k-otik · cremotewindows

https://www.exploit-db.com/exploits/654

View Code ZIP pw:eip

References (10)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18197

[Mailing List] http://marc.info/?l=bugtraq&m=110123330404482&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=110146036300803&w=2

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/11730

[Third Party Advisory] http://secunia.com/advisories/13269/

[Mailing List] http://marc.info/?l=ntbugtraq&m=110135574326217&w=2

[US Government Resource] http://www.kb.cert.org/vuls/id/986504

[Mailing List] http://marc.info/?l=ntbugtraq&m=110126352412395&w=2

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2004-11/0369.html

[Various Sources] http://www.security-assessment.com/Papers/Winamp_IN_CDDA_Buffer_Overflow.pdf

Scores

EPSS 0.5544

EPSS Percentile 98.1%

Details

Status published

Products (6)

nullsoft/winamp 5.01

nullsoft/winamp 5.02

nullsoft/winamp 5.03

nullsoft/winamp 5.04

nullsoft/winamp 5.05

nullsoft/winamp 5.06

Published Jan 10, 2005

Tracked Since Feb 18, 2026