CVE Vulnerabilities

CVE-2004-0820

Published: Aug 28, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin file.

Affected Software

Name Vendor Start Version End Version
Winamp Nullsoft 2.4 (including) 2.4 (including)
Winamp Nullsoft 2.5e (including) 2.5e (including)
Winamp Nullsoft 2.10 (including) 2.10 (including)
Winamp Nullsoft 2.24 (including) 2.24 (including)
Winamp Nullsoft 2.50 (including) 2.50 (including)
Winamp Nullsoft 2.60 (including) 2.60 (including)
Winamp Nullsoft 2.61 (including) 2.61 (including)
Winamp Nullsoft 2.62 (including) 2.62 (including)
Winamp Nullsoft 2.64 (including) 2.64 (including)
Winamp Nullsoft 2.65 (including) 2.65 (including)
Winamp Nullsoft 2.70 (including) 2.70 (including)
Winamp Nullsoft 2.71 (including) 2.71 (including)
Winamp Nullsoft 2.72 (including) 2.72 (including)
Winamp Nullsoft 2.73 (including) 2.73 (including)
Winamp Nullsoft 2.74 (including) 2.74 (including)
Winamp Nullsoft 2.75 (including) 2.75 (including)
Winamp Nullsoft 2.76 (including) 2.76 (including)
Winamp Nullsoft 2.77 (including) 2.77 (including)
Winamp Nullsoft 2.78 (including) 2.78 (including)
Winamp Nullsoft 2.79 (including) 2.79 (including)
Winamp Nullsoft 2.80 (including) 2.80 (including)
Winamp Nullsoft 2.81 (including) 2.81 (including)
Winamp Nullsoft 2.91 (including) 2.91 (including)
Winamp Nullsoft 3.0 (including) 3.0 (including)
Winamp Nullsoft 3.1 (including) 3.1 (including)
Winamp Nullsoft 5.01 (including) 5.01 (including)
Winamp Nullsoft 5.02 (including) 5.02 (including)
Winamp Nullsoft 5.03 (including) 5.03 (including)
Winamp Nullsoft 5.04 (including) 5.04 (including)

References