CVE-2010-20042
Xion Audio Player โค 1.0.126 Unicode Stack Buffer Overflow
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Xion Audio Player versions prior to 1.0.126 are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code.
| CWE | CWE-121 |
| Vendor | xion |
| Product | audio player |
| Published | Aug 20, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for xion audio player
Be the first to know when new unknown vulnerabilities affecting xion audio player are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Xion / Audio Player
* โค 1.0.126
References
raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/xion_m3u_sehbof.rb exploit-db.com: https://www.exploit-db.com/exploits/14517 exploit-db.com: https://www.exploit-db.com/exploits/14633 exploit-db.com: https://www.exploit-db.com/exploits/15598 exploit-db.com: https://www.exploit-db.com/exploits/16653 r2.com.au: https://www.r2.com.au/page/products/download/xion-audio-player/ vulncheck.com: https://www.vulncheck.com/advisories/xion-audio-player-unicode-stack-buffer-overflow
Credits
hadji samir