Web Player

CVEs (3)

• CVE-2007-1294Mar 7, 2007
  risk 0.03cvss —epss 0.06

  A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images.

• CVE-2014-10024Jan 13, 2015
  risk 0.00cvss —epss 0.03

  Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or (2) large value in a Stream Format (STRF) chunk in an AVI file, which triggers a heap-based buffer overflow.

• CVE-2008-5259Apr 16, 2009
  risk 0.00cvss —epss 0.06

  Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.