CVE-2010-20042
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-20

Last updated on: 2025-08-22

Assigner: VulnCheck

Description
Xion Audio Player versions prior to 1.0.126 are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-20
Last Modified
2025-08-22
Generated
2026-05-07
AI Q&A
2025-08-20
EPSS Evaluated
2026-05-05
NVD
CVE-2010-20042
EUVD
EUVD-2010-5300
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
r2_studios xion_audio_player *
r2_studios xion_audio_player 1.0.126
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a Unicode-based stack buffer overflow in Xion Audio Player versions prior to 1.0.126. It occurs when the player opens a specially crafted .m3u playlist file containing an overly long string that overwrites the Structured Exception Handler (SEH) chain. This allows an attacker to hijack the program's execution flow and run arbitrary code.


How can this vulnerability impact me? :

The vulnerability can allow an attacker to execute arbitrary code on the affected system with the privileges of the user running the Xion Audio Player. This could lead to unauthorized actions such as installing malware, stealing data, or taking control of the system.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart