| Test ID: | 1.3.6.1.4.1.25623.1.0.900537 |
| Category: | Buffer overflow |
| Title: | DivX Web Player Buffer Overflow Vulnerability |
| Summary: | Check for the version of DivX Web Player |
| Description: | Overview: This host is running DivX Web Player, which is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary checking error while processing Stream Format 'STRF' chunks, which causes a heap overflow. Impact: Successful exploitation will let the attacker execute arbitrary code within the context of the application by tricking a user into opening a crafted DivX file. Impact level: System. Affected Software/OS: DivX Web Player 1.4.2.7 and prior on Windows. Fix: Update to version 1.4.3.4 (http://www.divx.com/downloads/divx). References: http://en.securitylab.ru/nvd/377996.php ; http://secunia.com/advisories/33196 ; http://www.vupen.com/english/advisories/2009/1044 |
| Cross-Ref: | BugTraq ID: 34523; Common Vulnerability Exposure (CVE) ID: CVE-2008-5259; Bugtraq: 20090415 Secunia Research: DivX Web Player Stream Format Chunk Buffer Overflow; http://www.securityfocus.com/archive/1/archive/1/502701/100/0/threaded ; http://secunia.com/secunia_research/2008-57/ ; http://www.securityfocus.com/bid/34523 ; http://www.securitytracker.com/id?1022061 ; http://secunia.com/advisories/33196 ; http://www.vupen.com/english/advisories/2009/1044 ; XForce ISS Database: divxwebplayer-strf-bo(49908), http://xforce.iss.net/xforce/xfdb/49908 |
| Copyright | Copyright (C) 2009 SecPod |