PT-2010-1564 · Mercury · Mercury Audio Player

His0K4 · Published 2010-03-29 · Updated 2017-09-19 · CVE-2009-4755

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Mercury Audio Player version 1.21

Description: Mercury Audio Player contains multiple stack-based buffer overflows that allow remote attackers to execute arbitrary code. The overflows are triggered by a long string in a malformed playlist file, specifically a .b4s or .pls file.

Recommendations: For Mercury Audio Player version 1.21, consider updating to a newer version that addresses this issue, because opening a malformed playlist file can lead to arbitrary code execution. If no update is available, restrict the use of .b4s and .pls playlist files to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow


Weakness Enumeration

Related Identifiers

CVE-2009-4755

Affected Products

Mercury Audio Player