CNNVD-202508-2523 Information
CNNVD ID
CNNVD-202508-2523
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Xion Audio Player是美国Xion Audio Player公司的一款音频播放器。 Xion Audio Player 1.0.126之前版本存在安全漏洞,该漏洞源于处理特制.m3u播放列表文件时存在基于Unicode的栈缓冲区溢出,可能导致执行任意代码。
Description (English)
Xion Auto Player is an audio player for Xion Auto Player in the United States. There was a security loophole in the previous version of Xion Auto Player 1.0.126, which stemmed from the spilling of the unicode-based silo buffer zone when processing the specially designed.m3u playlist file, which could lead to the implementation of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Xion Audio Player
Published
2025-08-20
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/xion-audio-player-unicode-stack-buffer-overflow https://www.r2.com.au/page/products/download/xion-audio-player/ https://www.exploit-db.com/exploits/16653 https://www.exploit-db.com/exploits/15598 https://www.exploit-db.com/exploits/14633 https://www.exploit-db.com/exploits/14517 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/xion_m3u_sehbof.rb https://nvd.nist.gov/vuln/detail/CVE-2010-20042
Patch
https://www.r2.com.au/page/products/download/xion-audio-player/
Share on: