This host is installed BS Player and is prone to multiple buffer overflow vulnerabilities.
Successful exploitation will allow attackers to to execute arbitrary code by tricking a user into opening a specially files. Failed attacks will cause denial-of-service conditions. Impact Level: Application.
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Multiple flaws are due to, - A boundary error while processing specially crafted 'BSI' files, when user opens a specially crafted 'BSI' file containing an overly long 'Skin' key in the 'Options' section. - A boundary error in the processing of 'ID3' tags when a user adds a specially crafted mp3 file to the media library.
BS.Global BS.Player version 2.51 Build 1022 and prior.
- CursorArts ZipWrangler 'ZIP Processing' Buffer Overflow Vulnerability
- Adobe InDesign 'INDD' File Handling Remote Buffer Overflow Vulnerability
- Cscope putstring Multiple Buffer Overflow vulnerability
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
- Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)