CVE-2010-2009
BS.Global BS.Player - Stack-based Buffer Overflow via Long ID3 Tag in MP3 File
Title source: llmDescription
Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build 1003, and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long ID3 tag in a .MP3 file. NOTE: some of these details are obtained from third party information.
References (4)
Core 4
Core References
Exploit x_refsource_misc
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4932.php
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38221
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38568
Exploit, Third Party Advisory x_refsource_misc
http://www.packetstormsecurity.org/1003-advisories/bsplayerml-overflow.txt
Scores
EPSS
0.0478
EPSS Percentile
90.9%
Details
CWE
CWE-119
Status
published
Products (2)
bsplayer/bs.player
2.41
bsplayer/bs.player
2.51
Published
May 21, 2010
Tracked Since
Feb 18, 2026