CVE-2025-34128 Information

Jul 17, 2025 cve

Description

A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit this vulnerability by supplying crafted input to cause memory corruption and execute arbitrary code within the context of the current process.

Reference

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/browser/x360_video_player_set_text_bof.rb https://rh0dev.github.io/blog/2015/fun-with-info-leaks/ https://www.exploit-db.com/exploits/35948 https://www.exploit-db.com/exploits/36100 https://www.fortiguard.com/encyclopedia/ips/40167/x360-videoplayer-activex-control-buffer-overflow https://www.vulncheck.com/advisories/x360-videoplayer-activex-control-buffer-overflow

CNNVD-202507-2282 (Published: 2025-07-16)

Share on:

CVE-2025-34128 Information

Description

Reference

Related CNNVD