CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 2CVE-2008-0090 – DivX Player 6.6.0 - ActiveX 'SetPassword()' Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-0090
A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method. Un determinado control ActiveX de npUpload.dll de DivX Player 6.6.0 permite a atacantes remotos provocar una denegación de servicio (Caída de Internet Explorer 7) mediante un argumento largo en el método SetPassword. • https://www.exploit-db.com/exploits/4829 http://www.securityfocus.com/bid/27106 https://exchange.xforce.ibmcloud.com/vulnerabilities/39386 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 9%CPEs: 2EXPL: 1CVE-2007-2601
https://notcve.org/view.php?id=CVE-2007-2601
Buffer overflow in a certain ActiveX control in the GDivX Zenith Player AviFixer class in fix.dll 1.0.0.1 allows remote attackers to execute arbitrary code via a long SetInputFile property value. Desbordamiento de búfer en un control ActiveX concreto en la clase GDivX Zenith Player AviFixer en fix.dll 1.0.0.1 permite a atacantes remotos ejecutar código de su elección mediante un valor de propiedad SetInputFile largo. • http://moaxb.blogspot.com/2007/05/moaxb-11-bonus-gdivx-zenith-player.html. http://osvdb.org/36021 http://www.securityfocus.com/bid/23907 https://exchange.xforce.ibmcloud.com/vulnerabilities/34246 https://www.exploit-db.com/exploits/3889 •
CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 2CVE-2007-1294 – DivX Web Player 1.3.0 - 'npdivx32.dll' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-1294
A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images. Cierto control ActiveX en DivXBrowserPlugin (npdivx32.dll) de DivX Web Player, como el distribuido con DivX Player 1.3.0, permite a atacantes remotos provocar una denegación de servicio (caída de Internet Explorer 7) pasando valores grandes a DivxWP.Resize, relacionado con la redimensión de imágenes. • https://www.exploit-db.com/exploits/3392 http://osvdb.org/35377 http://www.securityfocus.com/bid/22776 https://exchange.xforce.ibmcloud.com/vulnerabilities/32759 •
CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 1CVE-2007-0429 – DivX Player 6.4.1 - DivXBrowserPlugin 'npdivx32.dll' IE Denial of Service
https://notcve.org/view.php?id=CVE-2007-0429
DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed with DivX Player 6.4.1, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the GoWindowed method for a certain instance of the ActiveX object. DivXBrowerPlugin (también conocido como DivX Web Player) npdivx32.dll, como se distribuye con DivX Player 6.4.1, permite a atacantes remotos provocar una denegación de servicio (cierre de Internet Explorer 7) invocando el método GoWindowed para una determinada instancia del objeto ActiveX. • https://www.exploit-db.com/exploits/3157 http://osvdb.org/37693 http://www.securityfocus.com/bid/22133 https://exchange.xforce.ibmcloud.com/vulnerabilities/31601 •
CVSS: 6.8EPSS: 3%CPEs: 2EXPL: 0CVE-2006-6444
https://notcve.org/view.php?id=CVE-2006-6444
Stack-based buffer overflow in Nostra DivX Player 2.1, 2.2.00.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long string in an M3U file. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Desbordamiento de búfer basado en pila en Nostra DivX Player 2.1, 2.2.00.0, y posiblemente anteriores, permite un atacante remoto ejecutar código de su elección a través de una cadena en un archivo M3U. NOTA:la procedencia de esta información es desconocida; los detalles han sido obtenidos a partir de la información de terceros. • http://secunia.com/advisories/23272 http://www.securityfocus.com/bid/21480 http://www.vupen.com/english/advisories/2006/4892 https://exchange.xforce.ibmcloud.com/vulnerabilities/30773 •