In association with heise online

17 April 2008, 10:45

DivX Player trips up when processing subtitles

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The popular DivX video codec is packaged with a player. Unfortunately, the current version of the DivX Player crashes when handling crafted subtitle files, allowing attackers to inject arbitrary program code.

The flaw, reported by securfrog, can be exploited via manipulated .srt subtitle files. When an entry to be displayed includes a string more than 4096 characters long, a buffer overflow occurs because the length is not checked properly, causing the player to crash. securfrog says that the instruction pointer can be manipulated during the crash, which allows arbitrary program code to be executed.

The DivX Player automatically loads subtitle files that have the same base name as the video file, such as test.avi and Version of the DivX Player included in the current DivX 6.8 is affected, as probably are previous versions. Until an updated DivX Player has been released, users of the software are advised to refrain from opening any subtitle files from untrusted sources.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit