High severityNVD Advisory· Published Aug 20, 2025· Updated Apr 15, 2026

CVE-2011-10025

Description

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rbnvd
sourceforge.net/projects/subtitleproc/nvd
www.exploit-db.com/exploits/17217nvd
www.exploit-db.com/exploits/17225nvd
www.fortiguard.com/encyclopedia/ips/26849nvd
www.vulncheck.com/advisories/subtitle-processor-m3u-seh-unicode-buffer-overflownvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.008
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000