CNNVD-202507-2282 Information

Jul 16, 2025 cve

CNNVD ID

CNNVD-202507-2282

CVE-2025-34128

CNNVD Published: 2025-07-16

Description (Chinese)

X360 VideoPlayer ActiveX control是X360公司的一个ActiveX控件。 X360 VideoPlayer ActiveX control 2.6版本存在安全漏洞，该漏洞源于缓冲区溢出，可能导致执行任意代码。

Description (English)

X360 VideoPlayer ActiveX control is an ActiveX control of X360. Version 2.6 of X360 VideoPlayer ActiveX control has a security loophole, which originates from the spilling of the buffer zone and may lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

X360

Published

2025-07-16

Last Modified

2026-02-24

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/x360_video_player_set_text_bof.rb https://rh0dev.github.io/blog/2015/fun-with-info-leaks/ https://www.exploit-db.com/exploits/35948 https://www.exploit-db.com/exploits/36100 https://www.fortiguard.com/encyclopedia/ips/40167/x360-videoplayer-activex-control-buffer-overflow https://www.vulncheck.com/advisories/x360-videoplayer-activex-control-buffer-overflow

Share on: