High severityNVD Advisory· Published Aug 20, 2025· Updated Apr 15, 2026
CVE-2011-10023
CVE-2011-10023
Description
MJM QuickPlayer (likely now referred to as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code. Exploitation is achieved via a crafted payload that bypasses DEP and ASLR protections using ROP techniques, and requires user interaction to open the file.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- mjm-software.comnvd
- raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_quickplayer_s3m.rbnvd
- web.archive.org/web/20111016194042/https://www.corelan.be/index.php/forum/security-advisories/corelan-11-003-mjm-quickplayer-2-3-2010-stack-buffer-overflow-s3m/nvd
- www.exploit-db.com/exploits/17229nvd
- www.vulncheck.com/advisories/mjm-quickplayer-s3m-stack-based-buffer-overflownvd
News mentions
0No linked articles in our index yet.