PT-2007-2709 · Microsoft+1 · Internet Explorer+2
Shinnai
·
Publicado
2007-03-06
·
Atualizado
2017-10-11
·
CVE-2007-1294
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
DivX Player version 1.3.0
Description
The issue is related to a certain ActiveX control in the DivXBrowserPlugin, which allows remote attackers to cause a denial of service, resulting in an Internet Explorer 7 crash. This occurs when large values are passed to
DivxWP.Resize, related to resizing images.Recommendations
For DivX Player version 1.3.0, consider disabling the
DivxWP.Resize function to prevent the denial of service issue until a patch is available.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Divx Player
Divxbrowserplugin
Internet Explorer