CVE-2010-2009

BS.Global BS.Player - Stack-based Buffer Overflow via Long ID3 Tag in MP3 File

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build 1003, and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long ID3 tag in a .MP3 file. NOTE: some of these details are obtained from third party information.

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38221
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38568

Scores

EPSS 0.0478
EPSS Percentile 90.9%

Details

CWE
CWE-119
Status published
Products (2)
bsplayer/bs.player 2.41
bsplayer/bs.player 2.51
Published May 21, 2010
Tracked Since Feb 18, 2026