
DivX Web Player Stream Format Chunk Buffer Overflow Vulnerability

Last Update Date: 28 Jan 2011; Release Date: 16 Apr 2009

RISK: Medium Risk

A vulnerability has been identified in DivX Web Player that remote attackers could exploit to compromise a vulnerable system. The issue is caused by a signedness error in the processing of "STRF" (Stream Format) chunks within a DivX file; attackers could exploit it to execute arbitrary code by tricking a user into visiting a malicious web page.
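The class of bug named above, shown as an added illustration (this is not DivX code; the advisory does not publish the affected routine). It assumes a RIFF-style chunk layout of a 4-byte tag followed by a 32-bit little-endian size, and the function names, the 40-byte buffer and the sample chunks are hypothetical. The first function shows why a size check on a signed integer passes for a huge length field; the second is the bounds check a parser should apply.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define FMT_BUF_SIZE 40  /* assumed fixed destination size for the format data */

/* Constructed sample chunks: tag, little-endian size, payload. */
static const uint8_t hostile[] = {'s','t','r','f', 0xF0,0xFF,0xFF,0xFF};
static const uint8_t valid[]   = {'s','t','r','f', 4,0,0,0, 1,2,3,4};

/* Read a 32-bit little-endian value from a byte buffer. */
static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed pattern: the size lands in a signed int, so 0xFFFFFFF0 reads as -16
   on two's-complement targets and passes the check. Decision only, no copy. */
int strf_size_ok_signed(const uint8_t *chunk) {
    int32_t size = (int32_t)rd_le32(chunk + 4);
    return size <= (int32_t)FMT_BUF_SIZE;
}

/* Hardened pattern: size stays unsigned and is bounded by both the destination
   and the bytes actually present. Returns bytes copied, or -1 on rejection. */
long strf_copy_checked(const uint8_t *chunk, size_t avail,
                       uint8_t *dst, size_t dst_len) {
    if (avail < 8 || memcmp(chunk, "strf", 4) != 0)
        return -1;                       /* truncated header or wrong tag */
    uint32_t size = rd_le32(chunk + 4);
    if (size > dst_len || size > avail - 8)
        return -1;                       /* would overflow dst or over-read input */
    memcpy(dst, chunk + 8, size);
    return (long)size;
}

int main(void) {
    uint8_t dst[FMT_BUF_SIZE];
    printf("signed check accepts hostile size: %d\n", strf_size_ok_signed(hostile));
    printf("checked copy, hostile chunk: %ld\n",
           strf_copy_checked(hostile, sizeof hostile, dst, sizeof dst));
    printf("checked copy, valid chunk:   %ld\n",
           strf_copy_checked(valid, sizeof valid, dst, sizeof dst));
    return 0;
}
```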


Impact

  • Remote Code Execution

System / Technologies affected

  • DivX Web Player versions prior to 1.4.3.4

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

Upgrade to DivX Web Player version 1.4.3.4:
http://www.divx.com/downloads/divx


Vulnerability Identifier


Source


Related Link