CVE-2004-0820

Опубликовано: 28 авг. 2004

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.

Ссылки

http://secunia.com/advisories/12381/
Patch
Vendor Advisory
http://www.auscert.org.au/render.html?it=4338
Patch
Vendor Advisory
http://www.frsirt.com/exploits/08252004.skinhead.php
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17124
http://secunia.com/advisories/12381/
Patch
Vendor Advisory
http://www.auscert.org.au/render.html?it=4338
Patch
Vendor Advisory
http://www.frsirt.com/exploits/08252004.skinhead.php
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17124

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nullsoft:winamp:2.4:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.5e:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.10:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.24:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.50:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.60:*:full:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.60:*:lite:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.61:*:full:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.62:*:standard:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.64:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.64:*:standard:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.65:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.70:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.70:*:full:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.71:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.72:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.73:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.73:*:full:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.74:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.75:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.76:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.77:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.78:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.79:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.80:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.81:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:2.91:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:3.0:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:3.1:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:5.01:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:5.02:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:5.03:*:*:*:*:*:*:*

cpe:2.3:a:nullsoft:winamp:5.04:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02148

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-q427-h43h-5g3g

github

почти 4 года назад