CNNVD-202508-2537 Information

CNNVD ID

CNNVD-202508-2537

Related CVE

CVE-2010-20123

• CNNVD Published: 2025-08-21

Description (Chinese)

Steinberg MyMP3Player是德国Steinberg公司的一款数字音乐播放和管理软件。 Steinberg MyMP3Player 3.0 build 3.0.0.67版本存在安全漏洞，该漏洞源于解析.m3u文件时未验证输入长度，可能导致栈缓冲区溢出和执行任意代码。

Description (English)

Steinberg MyMP3Player is a digital music play and management software from Steinberg, Germany. Steinberg MyMP3Player 3.0 built 3.0.0.67 has a security loophole, which stems from the failure to verify input lengths when deciphering.m3u files, which could lead to the spilling out of the fence and the implementation of random codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Steinberg

Published

2025-08-21

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/steinburg-mymp3player-buffer-overflow https://www.fortiguard.com/encyclopedia/ips/20813/steinberg-mymp3player-buffer-overflow https://www.exploit-db.com/exploits/16633 https://www.exploit-db.com/exploits/14581 https://www.exploit-db.com/exploits/11791 https://www.chip.de/downloads/myMP3-Player_13008621.html https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mymp3player_m3u.rb https://nvd.nist.gov/vuln/detail/CVE-2010-20123