DiVX City Global DiVX Zenith Player AviFixer ActiveX Control Remote Buffer Overflow Vulnerability
BID:23907
Info
| Bugtraq ID: | 23907 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-2601 |
| Remote: | Yes |
| Local: | No |
| Published: | May 09 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | rgod is credited with the discovery of this vulnerability. |
| Vulnerable: | DiVX City GDivX Zenith Player 1.2; DiVX City GDivX Zenith Player 1.1 |
| Not Vulnerable: | |
Discussion
Global DiVX Zenith Player (GDiVX Player) AviFixer ActiveX control is prone to a buffer-overflow vulnerability because the software fails to sufficiently bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
An attacker may exploit this issue by enticing victims into opening a malicious webpage or HTML email that invokes the affected control.
All versions of Global DiVX Zenith Player with 'fix.dll' version 1.0.0.1 are considered vulnerable to this issue.
Exploit / POC
The following proof of concept is available:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Global DiVX Player (DiVX City)