CVE-2008-5259

N/A Unknown

Published: April 16, 2009 Modified: April 23, 2026

Description

Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/33196

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://secunia.com/secunia_research/2008-57/

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

http://www.securityfocus.com/archive/1/502701/100/0/threaded

Source: PSIRT-CNA@flexerasoftware.com

http://www.securityfocus.com/bid/34523

Source: PSIRT-CNA@flexerasoftware.com

http://www.securitytracker.com/id?1022061

Source: PSIRT-CNA@flexerasoftware.com

http://www.vupen.com/english/advisories/2009/1044

Source: PSIRT-CNA@flexerasoftware.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/49908

Source: PSIRT-CNA@flexerasoftware.com

http://secunia.com/advisories/33196