NVD

Id
5038  
Name
CVE-2008-5259  
Description
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2009-04-16  
Modified Date
2009-04-28  
Seq
2008-5259  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
31522 5038 CVE-2008-5259 20090415 Secunia Research: DivX Web Player Stream Format Chunk Buffer Overflow  View
31523 5038 CVE-2008-5259 34523  View
31524 5038 CVE-2008-5259 1022061  View
31525 5038 CVE-2008-5259 ADV-2009-1044  View
31526 5038 CVE-2008-5259 divxwebplayer-strf-bo(49908)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
41724 JVNDB-2009-002731 DivX Web Player における整数符号化エラーの脆弱性 DivX Web Player には、整数符号化エラーの脆弱性が存在します。 CVE-2008-5259 35372 CVE-2008-5259 5038 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002731.html 2009-04-16 2012-06-26 View