CVE-2011-10023
BaseFortify
Publication date: 2025-08-20
Last updated on: 2025-08-22
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mjm | quickplayer | 1.00_beta_60a |
| mjm | quickplayer | 2010 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in MJM QuickPlayer 2010 caused by improper bounds checking when parsing .s3m music files. An attacker can craft a malicious .s3m file that, when opened by the user, overwrites memory and allows execution of arbitrary code by bypassing DEP and ASLR protections using ROP techniques.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker to execute arbitrary code on your system with the privileges of the user running MJM QuickPlayer. This could lead to system compromise, data theft, or installation of malware. Exploitation requires user interaction to open a malicious file.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid opening .s3m music files from untrusted or unknown sources. Ensure that users are aware not to open suspicious files with MJM QuickPlayer (version 2010). If possible, update or replace the vulnerable software with a version that has patched this issue or use alternative media players that are not affected.