CVE-2010-2004 Information

Description

Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free and possibly other versions allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi) a different vulnerability than CVE-2009-1068.

Reference

http://secunia.com/advisories/38221 http://www.exploit-db.com/exploits/11154 http://www.mertsarica.com/?p=511 http://www.mertsarica.com/codes/bsplayer_seh_overwrite.py http://www.securityfocus.com/bid/37831 http://www.vupen.com/english/advisories/2010/0148 https://exchange.xforce.ibmcloud.com/vulnerabilities/55708