CVE-2010-10016
BS.Player 2.57 Buffer Overflow via M3U Playlist Import
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client.
| CWE | CWE-120 |
| Vendor | bs.player |
| Product | bs.player free and pro editions |
| Published | Aug 30, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for bs.player bs.player free and pro editions
Be the first to know when new unknown vulnerabilities affecting bs.player bs.player free and pro editions are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
BS.Player / BS.Player Free and Pro Editions
* โค 2.57 (build 1051)
References
raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/bsplayer_m3u.rb exploit-db.com: https://www.exploit-db.com/exploits/15934 exploit-db.com: https://www.exploit-db.com/exploits/18375 bsplayer.com: http://www.bsplayer.com/ vulncheck.com: https://www.vulncheck.com/advisories/bs-player-buffer-overflow-via-m3u-playlist-import
Credits
C4SS!0 G0M3S