2008-08-10 22:41:00 2017-09-29 03:31:44

Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
Nullsoft Winamp 5.03a (not an official CPE) Nullsoft Winamp 5.12 Nullsoft Winamp 5.13 Nullsoft Winamp 5.54 Nullsoft Winamp 2.90 (not an official CPE) Nullsoft Winamp 5.11 Nullsoft Winamp 5.091 Nullsoft Winamp 2.91 Nullsoft Winamp 2.50 (not an official CPE) Nullsoft Winamp 2.4 (not an official CPE) Nullsoft Winamp 2.62 (not an official CPE) Nullsoft Winamp 2.65 (not an official CPE) Nullsoft Winamp 2.64 (not an official CPE) Nullsoft Winamp 5.05 Nullsoft Winamp 5.06 Nullsoft Winamp 5.03 Nullsoft Winamp 5.04 Nullsoft Winamp 2.24 (not an official CPE) Nullsoft Winamp 5.01 Nullsoft Winamp 5.02 Nullsoft Winamp 2.61 (not an official CPE) Nullsoft Winamp 2.60 (not an official CPE) Nullsoft Winamp 5.09 Nullsoft Winamp 5.111 Nullsoft Winamp 5.07 Nullsoft Winamp 5.112 Nullsoft Winamp 5.08 (not an official CPE) Nullsoft Winamp 3.0 (not an official CPE) Nullsoft Winamp 5.31 Nullsoft Winamp 2.74 (not an official CPE) Nullsoft Winamp 2.73 (not an official CPE) Nullsoft Winamp 2.76 (not an official CPE) Nullsoft Winamp 2.75 (not an official CPE) Nullsoft Winamp 3.1 (not an official CPE) Nullsoft Winamp 2.78 (not an official CPE) Nullsoft Winamp 5.0 Nullsoft Winamp 2.77 (not an official CPE) Nullsoft Winamp 5.36 Nullsoft Winamp 2.79 (not an official CPE) Nullsoft Winamp 5.34 Nullsoft Winamp 5.35 Nullsoft Winamp 5.32 Nullsoft Winamp 5.33 Nullsoft Winamp 2.70 (not an official CPE) Nullsoft Winamp 5.5 Nullsoft Winamp 2.72 (not an official CPE) Nullsoft Winamp 2.71 (not an official CPE) Nullsoft Winamp 5.3 Nullsoft Winamp 5.0.1 (not an official CPE) Nullsoft Winamp 5.0.2 (not an official CPE) Nullsoft Winamp 5.1 (not an official CPE) Nullsoft Winamp 5.2 Nullsoft Winamp 2.5e (not an official CPE) Nullsoft Winamp 5.094 Nullsoft Winamp 5.093 Nullsoft Winamp 5.08e Nullsoft Winamp 2.6x (not an official CPE) Nullsoft Winamp 5.23 Nullsoft Winamp 5.08c Nullsoft Winamp 5.24 Nullsoft Winamp 5.08d Nullsoft Winamp 5.21 Nullsoft Winamp 5.22 Nullsoft Winamp 2.81 (not an official CPE) Nullsoft Winamp 2.80 (not an official CPE) Nullsoft Winamp 2.7x (not an official CPE) Nullsoft Winamp 2.10 Nullsoft Winamp 2.95 Nullsoft Winamp 5.51 Nullsoft Winamp 5.53 Nullsoft Winamp 5.52 Nullsoft Winamp 2.0