Haihaisoft Media Player contains a buffer overflow which may be exploited by a remote attacker to gain arbitrary code execution within the context of the currently logged on user. Haihaisoft Media Player improperly handles .m3u, .pls, and .asx file types, allowing for an attacker to corrupt memory and redirect code flow.
Haihaisoft Universal Player 1.5.8 and possibly other versions
Remote Code Execution
Haihaisoft Media Player mishandles .m3u, .pls, and .asx file types, allowing for an attacker to place malicious content in those file types, which will trigger a memory corruption. The attacker may use this memory corruption to gain arbitrary code execution.
BeyondTrust Prevention and Detection:
There are no mitigations available. If possible, avoid using Haihaisoft Media Player.