CVE-2010-20111

N/A Unknown
Published: August 21, 2025 Modified: April 15, 2026
View on NVD

Description

Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/digital_music_pad_pls.rb
Source: disclosure@vulncheck.com
https://web.archive.org/web/20100923154433/http://secunia.com:80/advisories/41519
Source: disclosure@vulncheck.com
https://www.exploit-db.com/exploits/15134
Source: disclosure@vulncheck.com
https://www.topshareware.com/Digital-Music-Pad-download-79446.htm
Source: disclosure@vulncheck.com
https://www.vulncheck.com/advisories/digital-music-pad-stack-buffer-overflow
Source: disclosure@vulncheck.com

5 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
8.2%
92th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-121

Related CVEs

CVE-2026-7724 5.0
CVE-2026-7723 7.3
CVE-2026-7722 5.3
CVE-2026-7721 6.3
CVE-2026-7720 6.3