QwikSec

Security Database

CVE

CWE

Training

CVE-2010-20111

Published: Aug 21, 2025

Modified: May 15, 2026

PUBLISHED

Description

Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution.

Vendor	Product	Versions
Digital Music Pad	Digital Music Pad	affected `0 - <= 8.2.3.3.4`

Weaknesses (CWE)

References

https://web.archive.org/web/20100923154433/http://secunia.com:80/advisories/41519

third-party-advisory

https://www.exploit-db.com/exploits/15134

exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/digital_music_pad_pls.rb

exploit

https://www.topshareware.com/Digital-Music-Pad-download-79446.htm

product

https://www.vulncheck.com/advisories/digital-music-pad-stack-buffer-overflow

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.