Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Steinberg MyMP3Player Buffer Overflow Vulnerability in Playlist Parsing

Vulnerability

A stack-based buffer overflow vulnerability has been identified in Steinberg MyMP3Player version 3.0 (build 3.0.0.67). The issue arises when the application parses .m3u playlist files, as it fails to properly validate the length of the input data. This oversight allows a specially crafted .m3u file to overwrite critical memory structures, leading to arbitrary code execution. The vulnerability can be exploited locally by persuading a user to open a malicious .m3u file.
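The missing length validation described above, illustrated with an added example (not Steinberg's code and not taken from the advisory): a playlist reader that checks each entry against its fixed-size buffer before copying and rejects the file otherwise. The 260-byte limit, the name `m3u_check` and the sample data are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ENTRY_MAX 260 /* assumed limit (Windows MAX_PATH), not from the advisory */
#define M3U_TOO_LONG (-1)

/* Walk an in-memory .m3u buffer line by line. Returns the number of entries
 * accepted, or M3U_TOO_LONG (with *bad_line set) if an entry would not fit. */
int m3u_check(const char *data, size_t len, size_t *bad_line)
{
    char entry[ENTRY_MAX];
    size_t pos = 0, line_no = 0;
    int accepted = 0;

    while (pos < len) {
        const char *start = data + pos;
        const char *nl = memchr(start, '\n', len - pos);
        size_t n = nl ? (size_t)(nl - start) : len - pos;
        pos += n + (nl ? 1 : 0);
        line_no++;
        if (n > 0 && start[n - 1] == '\r')
            n--;                              /* strip the CR of a CRLF ending */
        if (n == 0 || start[0] == '#')
            continue;                         /* blank line or #EXT directive */
        if (n >= sizeof entry) {              /* length check before any copy */
            if (bad_line) *bad_line = line_no;
            return M3U_TOO_LONG;
        }
        memcpy(entry, start, n);              /* bounded: n < sizeof entry */
        entry[n] = '\0';
        accepted++;                           /* a player would load entry here */
    }
    return accepted;
}

int main(void)
{
    /* Constructed sample playlist, not taken from the advisory. */
    const char ok[] = "#EXTM3U\r\n#EXTINF:123,Sample\r\nC:\\Music\\a.mp3\r\nb.mp3\n";
    char longline[1024];
    size_t bad = 0;
    memset(longline, 'x', sizeof longline);   /* one 1024-byte entry, no newline */
    printf("normal playlist: %d entries\n", m3u_check(ok, sizeof ok - 1, NULL));
    int rc = m3u_check(longline, sizeof longline, &bad);
    printf("oversized entry: %d (line %zu)\n", rc, bad);
    return 0;
}
```

The same check can be run over playlist files before they are opened, flagging any file where `m3u_check` returns `M3U_TOO_LONG`.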

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected system.

Reproduction

The vulnerability can be reproduced by creating a .m3u file that includes a payload designed to exploit the buffer overflow. This file can then be opened with Steinberg MyMP3Player version 3.0.0.67, triggering the overflow and executing the embedded code.

Added: Aug 21, 2025, 9:19 PM
Updated: Aug 21, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 6.1
remediation: 0.0
relevance: 0.4
threat: 8.1
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.