Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1068

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-1068
Last Modified 03 Apr 2009 01:43:57
Published 26 Mar 2009 01:51:52
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1068

Summary

Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.

Vulnerable Systems

Application

  • Bsplayer Bs.player 2.32

  • Bsplayer Bs.player 2.34


References

XF - bsplayer-bsl-bo(49342)

VUPEN - ADV-2009-0800

BID - 34190

BUGTRAQ - 20090320 Bs.Player <= 2.34 Build 980 (.bsl) local buffer overflow 0day exploit (seh)

MILW0RM - 8251

MILW0RM - 8249

SECUNIA - 34412

MISC - http://retrogod.altervista.org/9sg_bsplayer_seh.html

OSVDB - 52841


Last Updated: 27 May 2016 10:50:27