Unrated severityNVD Advisory· Published Jan 13, 2015· Updated Jun 17, 2026
CVE-2014-10024
CVE-2014-10024
Description
Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or (2) large value in a Stream Format (STRF) chunk in an AVI file, which triggers a heap-based buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- cpe:2.3:a:divx:directshowdemuxfilter:*:*:*:*:*:*:*:*
cpe:2.3:a:divx:web_player:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:divx:web_player:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.