Shir

**Name of the Vulnerable Software and Affected Versions** DivX Player version 6.6.0 **Description** A certain ActiveX control in npUpload.dll allows remote attackers to cause a denial of service, which can lead to an Internet Explorer 7 crash, via a long argument to the `SetPassword` method. **Recommendations** For DivX Player version 6.6.0, consider disabling the `SetPassword` method as a temporary workaround until a patch is available. Restrict access to the npUpload.dll module to minimize the risk of exploitation. Avoid using long arguments in the `SetPassword` method until the issue is resolved.