Описание
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-5259
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49908
- http://secunia.com/advisories/33196
- http://secunia.com/secunia_research/2008-57
- http://www.securityfocus.com/archive/1/502701/100/0/threaded
- http://www.securityfocus.com/bid/34523
- http://www.securitytracker.com/id?1022061
- http://www.vupen.com/english/advisories/2009/1044
EPSS
Процентиль: 90%
0.05926
Низкий
CVE ID
Связанные уязвимости
nvd
почти 17 лет назад
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.
EPSS
Процентиль: 90%
0.05926
Низкий