|Title:||BS.Player '.bsl' File Buffer Overflow Vulnerabilities|
|Summary:||Check for the version of BS.Player|
Overview: This host is installed BS Player and is prone to multiple buffer
Multiple flaws are due to,
- A boundary error while processing specially crafted 'BSI' files, when user
opens a specially crafted 'BSI' file containing an overly long 'Skin' key
in the 'Options' section.
- A boundary error in the processing of 'ID3' tags when a user adds a specially
crafted mp3 file to the media library.
Successful exploitation will allow attackers to to execute arbitrary code by
tricking a user into opening a specially files. Failed attacks will cause
Impact Level: Application.
Affected Software :
BS.Global BS.Player version 2.51 Build 1022 and prior.
Fix: No solution or patch is available as of 24th May, 2010. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://www.bsplayer.org/
BugTraq ID: 37831|
BugTraq ID: 38568
Common Vulnerability Exposure (CVE) ID: CVE-2010-2004
XForce ISS Database: bsplayer-bsi-bo(55708)
Common Vulnerability Exposure (CVE) ID: CVE-2010-2009
|Copyright||Copyright (C) 2010 SecPod|
|This is only one of 39644 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.