Vulnerability Description
Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album ID3v2 tag.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nullsoft | Winamp | 3.0 |
References
- http://marc.info/?l=bugtraq&m=104025874209567&w=2
- http://www.securityfocus.com/bid/6429
- http://marc.info/?l=bugtraq&m=104025874209567&w=2
- http://www.securityfocus.com/bid/6429
FAQ
What is CVE-2002-1177?
CVE-2002-1177 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows remote attackers to execute arbitrary code via an MP3 file containing a long (1) Artist or (2) Album...
How severe is CVE-2002-1177?
CVE-2002-1177 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1177?
Check the references section above for vendor advisories and patch information. Affected products include: Nullsoft Winamp.