CVE-2008-0090

Divx Player - Memory Corruption

Title source: rule

Description

A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · htmldoswindows

https://www.exploit-db.com/exploits/4829

View Code ZIP pw:eip

References (3)

[Exploit] http://www.securityfocus.com/bid/27106

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39386

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4829

Scores

EPSS 0.1254

EPSS Percentile 94.0%

Details

CWE

CWE-119

Status published

Products (2)

divx/divx_player 6.6.0

microsoft/internet_explorer 7

Published Jan 04, 2008

Tracked Since Feb 18, 2026