Critical severityNVD Advisory· Published Aug 30, 2025· Updated Apr 15, 2026

CVE-2010-10016

Description

BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.bsplayer.comnvd
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/bsplayer_m3u.rbnvd
www.exploit-db.com/exploits/15934nvd
www.exploit-db.com/exploits/18375nvd
www.vulncheck.com/advisories/bs-player-buffer-overflow-via-m3u-playlist-importnvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.047
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000