Divx » Divx Web Player : Security Vulnerabilities, CVEs,
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
8.08%
Published
2009-04-16
Updated
2018-10-11
A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images.
Max CVSS
7.8
EPSS Score
3.08%
Published
2007-03-07
Updated
2017-10-11
2 vulnerabilities found