CVE-2011-10022
HIGH
SPlayer <3.7 - Buffer Overflow
Title source: llmDescription
SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · ruby remote windows
https://www.exploit-db.com/exploits/17268
exploitdb
WORKING POC
VERIFIED
by xsploitedsec · python remote windows
https://www.exploit-db.com/exploits/17243
metasploit
WORKING POC
NORMAL
ruby poc win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/splayer_content_type.rb
References (5)
Scores
CVSS v4
8.6
EPSS
0.5013
EPSS Percentile
97.8%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-120
Status
published
Products (1)
SPlayer Project/SPlayer
< 3.7 (Build 2055)
Published
Aug 20, 2025
Tracked Since
Feb 18, 2026