CNNVD-202508-2520 Information
CNNVD ID
CNNVD-202508-2520
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
SPlayer是中国射手影音(SPlayer)公司的一款视频播放器。 SPlayer 3.7及之前版本存在安全漏洞,该漏洞源于处理HTTP响应时存在基于栈的缓冲区溢出,可能导致执行任意代码。
Description (English)
Splayer is a video player from the Chinese Slayer company. There is a security gap in SPlayer 3.7 and earlier versions, which stems from the spilling of a cage-based buffer zone during HTTP response, which could lead to the enforcement of arbitrary codes.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
射手影音
Published
2025-08-20
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/splayer-content-type-header-buffer-overflow https://www.splayer.org/ https://www.exploit-db.com/exploits/17268 https://www.exploit-db.com/exploits/17243 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/splayer_content_type.rb https://nvd.nist.gov/vuln/detail/CVE-2011-10022
Share on: