Lhoang8500

**Name of the Vulnerable Software and Affected Versions** DivX Player version 6.7.0.22 and earlier **Description** The issue is related to a stack-based buffer overflow that can be triggered by a long subtitle in a .SRT file, allowing user-assisted remote attackers to cause a denial of service or execute arbitrary code. **Recommendations** For DivX Player version 6.7.0.22 and earlier, update to a newer version to mitigate the risk of exploitation. As a temporary workaround, consider avoiding the use of .SRT files with long subtitles until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Microsoft Works version 7 Microsoft Office versions 2003 and 2007 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service via an invalid `WksPictureInterface` property value. This triggers an improper function call in a certain ActiveX control in `WkImgSrv.dll`. **Recommendations** For Microsoft Works version 7, update the `WkImgSrv.dll` to a version that does not contain the vulnerable ActiveX control. For Microsoft Office versions 2003 and 2007, avoid using the `WksPictureInterface` property until a patch is available. As a temporary workaround, consider disabling the vulnerable ActiveX control in `WkImgSrv.dll` until a patch is available.