Xvid · Xvid · CVE-2009-0893
**Name of the Vulnerable Software and Affected Versions**
Xvid versions prior to 1.2.2
**Description**
The xvidcore library contains multiple heap-based buffer overflows that can be triggered by a crafted macroblock number in a video stream within a crafted movie file. The resulting heap memory corruption can allow remote attackers to execute arbitrary code. The problem stems from a missing resync marker range check and involves the `decoder_iframe`, `decoder_pframe`, and `decoder_bframe` functions.
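The kind of range check described above, as an added example in C (not Xvid's code): a simplified model in which the macroblock number read after a resync marker is validated against the frame's macroblock count before it indexes a heap array. `frame_t`, `packet_t`, `frame_init` and `decode_packets` are hypothetical names, and the sample packets are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical, simplified frame state: one status byte per macroblock. */
typedef struct {
    uint32_t mb_width, mb_height;  /* frame size in macroblocks */
    uint8_t *mbs;                  /* heap array of mb_width * mb_height */
} frame_t;

/* One video packet: the macroblock number that followed the resync
 * marker (untrusted stream data) and how many macroblocks it carries. */
typedef struct { uint32_t mbnum, count; } packet_t;

int frame_init(frame_t *f, uint32_t w, uint32_t h) {
    if (w == 0 || h == 0 || w > 4096 || h > 4096) return -1; /* keeps w*h in range */
    f->mb_width = w;
    f->mb_height = h;
    f->mbs = calloc((size_t)w * h, 1);
    return f->mbs ? 0 : -1;
}

/* Returns the number of macroblocks decoded, or -1 if a packet points
 * outside the frame. Without the two checks, mbs[mb] is a heap write at
 * an offset chosen by the stream. */
int decode_packets(frame_t *f, const packet_t *pkts, size_t n) {
    uint32_t total = f->mb_width * f->mb_height;
    int decoded = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t mbnum = pkts[i].mbnum;
        if (mbnum >= total) return -1;                 /* resync range check */
        if (pkts[i].count > total - mbnum) return -1;  /* packet overruns frame */
        for (uint32_t mb = mbnum; mb < mbnum + pkts[i].count; mb++) {
            f->mbs[mb] = 1;  /* stand-in for decoding into macroblock mb */
            decoded++;
        }
    }
    return decoded;
}

int main(void) {
    frame_t f;
    packet_t good[] = { {0, 5}, {5, 7} };   /* constructed sample input */
    packet_t bad[]  = { {0, 5}, {12, 1} };  /* mbnum == total: out of range */
    if (frame_init(&f, 4, 3) != 0) return 1;
    printf("good=%d bad=%d\n", decode_packets(&f, good, 2), decode_packets(&f, bad, 2));
    free(f.mbs);
    return 0;
}
```

Rejecting the whole frame on the first out-of-range packet is a choice made for this example; a real decoder may instead conceal the error and continue.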
**Recommendations**
Update Xvid to version 1.2.2 or later to resolve the issue. As a temporary workaround until the update is applied, avoid opening movie files that may be crafted, such as those of unknown origin. Restrict access to video streams from untrusted sources to minimize the risk of exploitation.