Vulnerabilities

CVE-2014-10024

by Fred · 13/01/2015

Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a (1) negative or (2) large value in a Stream Format (STRF) chunk in an AVI file, which triggers a heap-based buffer overflow.

Date published : 2015-01-13

http://www.securityfocus.com/bid/67086

http://seclists.org/fulldisclosure/2014/Apr/283

Similar

Tags: Cybersecurity Alert