DivX Player 2.6 Skin File Directory Traversal Vulnerability

2014-07-01T00:00:00
ID SSV:78724
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/12332/info

DivX Player is reported prone to a directory traversal vulnerability. The issue presents itself when DPS '.dps', archive files are processed.

Ultimately an attacker may exploit this issue to save a script or executable file in an arbitrary location. This may lead to the execution of malicious code when the affected system is restarted. Alternatively, the attacker may overwrite a target file with the privileges of a user that is installing a malicious skin file. 

http://www.exploit-db.com/sploits/25057.dps