CVE Details for CVE: CVE-2004-1396
Summary
Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (application crash or CPU consumption) via (1) an mp4 or m4a playlist file that contains invalid tag data or (2) an invalid .nsv or .nsa file.
Timestamps
Last major update 11-07-2017 - 01:30
Published 31-12-2004 - 05:00
Last modified 11-07-2017 - 01:30
CAPEC
Click the CAPEC title to display a description
CVSS
Base
2.6
Impact
2.9
Exploitability
4.9
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
CVSS3
None
VIA4 references
cvss-vector via4
AV:N/AC:H/Au:N/C:N/I:N/A:P
refmap via4
bid 11909
bugtraq 20041213 Winamp 5.07 (latest version) Remote Crash + other stupid shizle
cert-vn VU#372968
confirm http://forums.winamp.com/showthread.php?s=&threadid=202007
fulldisc 20041213 Winamp 5.07 (latest version) Remote Crash + other
sectrack 1012525
xf
  • winamp-mp4-m4a-dos(18466)
  • winamp-nsa-nsv-dos(18467)