Unrated severityNVD Advisory· Published May 21, 2010· Updated Apr 29, 2026

CVE-2010-2009

Description

Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build 1003, and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long ID3 tag in a .MP3 file. NOTE: some of these details are obtained from third party information.

Affected products

Bsplayer/Bs.player2 versions
cpe:2.3:a:bsplayer:bs.player:2.41:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:bsplayer:bs.player:2.41:*:*:*:*:*:*:*
- cpe:2.3:a:bsplayer:bs.player:2.51:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/38568nvdExploit
www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4932.phpnvdExploit
secunia.com/advisories/38221nvdVendor Advisory
www.packetstormsecurity.org/1003-advisories/bsplayerml-overflow.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.010
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000