Skip to main content

Yahoo! Player Playlist Processing Buffer Overflow Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 9 Mar 2010 5465 Views

RISK: Medium Risk

A vulnerability has been identified in Yahoo! Player, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error when processing playlists (e.g. ".m3u" or ".pls") containing overly long data, which could be exploited by attackers to crash an affected application or execute arbitrary code by tricking a user into opening a malicious playlist file.


Impact

  • Remote Code Execution

System / Technologies affected

  • Yahoo! Player versions 1.x

Solutions

There is no patch available for this vulnerability currently.


Vulnerability Identifier

  • No CVE information is available

Source