CVE-2010-10017
WM Downloader 3.1.2.2 Buffer Overflow via Malformed M3U File
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and the payload executes with the privileges of the current user.
| CWE | CWE-120 CWE-134 |
| Vendor | wm downloader |
| Product | wm downloader |
| Published | Aug 30, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for wm downloader wm downloader
Be the first to know when new unknown vulnerabilities affecting wm downloader wm downloader are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
WM Downloader / WM Downloader
* โค 3.1.2.2
References
raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/wm_downloader_m3u.rb exploit-db.com: https://www.exploit-db.com/exploits/14497 exploit-db.com: https://www.exploit-db.com/exploits/16642 fortiguard.com: https://www.fortiguard.com/encyclopedia/ips/24038/wm-downloader-buffer-overflow vulncheck.com: https://www.vulncheck.com/advisories/wm-downloader-buffer-overflow-via-malformed-m3u-file
Credits
fdiskyou