CVE-2007-4392
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/08/2007
Last modified:
15/10/2018
Description
Winamp 5.35 allows remote attackers to cause a denial of service (program stack overflow and application crash) via an M3U file that recursively includes itself.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:nullsoft:winamp:5.35:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://morph3us.org/advisories/20070730-winamp-5.35.txt
- http://securityreason.com/securityalert/3040
- http://www.securityfocus.com/archive/1/475161/100/200/threaded
- http://www.securityfocus.com/archive/1/475183/100/200/threaded
- http://www.securityfocus.com/archive/1/475260/100/200/threaded
- http://www.securityfocus.com/archive/1/475489/100/200/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15504