Buffer overflow in Bsplayer Bs.player

CVE-2010-2004

Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a d…

Vulnerability class: Buffer Overflow

EPSS: 0.248 (96.3th percentile) — read the EPSS interpretation.

Affected products

Bsplayer Bs.player — versions 2.51
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

ADV-2010-0148 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (Exploit, x_refsource_MISC)
38221 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (Exploit, x_refsource_MISC)
bsplayer-bsi-bo(55708) (vdb-entry, x_refsource_XF)
37831 (Exploit, vdb-entry, x_refsource_BID)
11154 (exploit, x_refsource_EXPLOIT-DB)