Description

SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.

INFO

Published Date :

2025-08-20T15:41:03.034Z

Last Modified :

2026-04-07T14:02:12.268Z

Source :

VulnCheck
AFFECTED PRODUCTS

The following products are affected by CVE-2011-10022 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2011-10022.

URL Resource
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/splayer_content_type.rb cve-icon cve-icon
https://www.exploit-db.com/exploits/17243 cve-icon cve-icon
https://www.exploit-db.com/exploits/17268 cve-icon cve-icon
https://www.splayer.org/ cve-icon cve-icon
https://www.vulncheck.com/advisories/splayer-content-type-header-buffer-overflow cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability