Divx

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-10024 1Divx 3Directshowdemuxfilter PlayerWeb Player May 6, 2026 Jan 13, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or (2) large value in a St...Show more Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or (2) large value in a Stream Format (STRF) chunk in an AVI file, which triggers a heap-based buffer overflow.Show less
CVE-2010-5232 1Divx 1Divx Plus Player Apr 29, 2026 Sep 7, 2012 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Untrusted search path vulnerability in DivX Plus Player 8.1.0 allows local users to gain privileges via a Trojan horse ssleay32.dll file in a certain directory. NOTE: the provenance of this information is unknown; the d...Show more Untrusted search path vulnerability in DivX Plus Player 8.1.0 allows local users to gain privileges via a Trojan horse ssleay32.dll file in a certain directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2010-5231 1Divx 1Divx Player Apr 29, 2026 Sep 7, 2012 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Untrusted search path vulnerability in DivX Player 7.2.019 allows local users to gain privileges via a Trojan horse VersionCheckDLL.dll file in the current working directory, as demonstrated by a directory that contains...Show more Untrusted search path vulnerability in DivX Player 7.2.019 allows local users to gain privileges via a Trojan horse VersionCheckDLL.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2008-5259 1Divx 1Divx Web Player Apr 23, 2026 Apr 16, 2009 N/A· v4 N/A· v3 9.3 HIGH· v2 Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap...Show more Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.Show less
CVE-2008-1912 1Divx 1Divx Player Apr 23, 2026 Apr 22, 2008 N/A· v4 N/A· v3 9.3 HIGH· v2 Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earlier allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long subtitle in a .SRT fil...Show more Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earlier allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long subtitle in a .SRT file.Show less
CVE-2008-1800 1Divx 1Divxdb Apr 23, 2026 Apr 15, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in index.php in DivXDB 2002 0.94b allow remote attackers to inject arbitrary web script or HTML via the (1) choice, (2) _page_, (3) zone_admin, (4) general_search, and...Show more Multiple cross-site scripting (XSS) vulnerabilities in index.php in DivXDB 2002 0.94b allow remote attackers to inject arbitrary web script or HTML via the (1) choice, (2) _page_, (3) zone_admin, (4) general_search, and (5) import parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2008-0090 2Divx Microsoft 2Divx Player Internet Explorer Apr 23, 2026 Jan 4, 2008 N/A· v4 N/A· v3 5.0 MEDIUM· v2 A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method.
CVE-2007-1294 1Divx 1Divx Web Player Apr 23, 2026 Mar 7, 2007 N/A· v4 N/A· v3 7.8 HIGH· v2 A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large valu...Show more A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images.Show less
CVE-2007-0429 1Divx 1Divx Player Apr 23, 2026 Jan 23, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed with DivX Player 6.4.1, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the GoWindowed method for a certai...Show more DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed with DivX Player 6.4.1, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the GoWindowed method for a certain instance of the ActiveX object.Show less
CVE-2006-6444 1Divx 1Divx Player Apr 23, 2026 Dec 10, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Stack-based buffer overflow in Nostra DivX Player 2.1, 2.2.00.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long string in an M3U file. NOTE: The provenance of this information is unkn...Show more Stack-based buffer overflow in Nostra DivX Player 2.1, 2.2.00.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long string in an M3U file. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.Show less
CVE-2005-0304 1Divx 1Divx Player Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in DivX Player 2.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename in a ZIP file for a skin.