CVE-2009-1068

Name of the Vulnerable Software and Affected Versions BS.Player versions 2.32 Build 975 through 2.34 Build 980 and earlier

Description The issue is a stack-based buffer overflow that can be triggered by a long hostname in a .bsl playlist file, potentially allowing remote attackers to cause a denial of service or execute arbitrary code.

Recommendations For versions 2.32 Build 975 through 2.34 Build 980 and earlier, consider avoiding the use of long hostnames in .bsl playlist files until a fix is available. As a temporary workaround, restrict the length of hostnames in .bsl files to prevent potential exploitation.