Vulnerability Description
A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit this vulnerability by supplying crafted input to cause memory corruption and execute arbitrary code within the context of the current process.
Related Weaknesses (CWE)
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exp
- https://rh0dev.github.io/blog/2015/fun-with-info-leaks/
- https://www.exploit-db.com/exploits/35948
- https://www.exploit-db.com/exploits/36100
- https://www.fortiguard.com/encyclopedia/ips/40167/x360-videoplayer-activex-contr
- https://www.vulncheck.com/advisories/x360-videoplayer-activex-control-buffer-ove
FAQ
What is CVE-2025-34128?
CVE-2025-34128 is a documented vulnerability. A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit th...
How severe is CVE-2025-34128?
CVSS scoring is not yet available for CVE-2025-34128. Check NVD for updates.
Is there a patch for CVE-2025-34128?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.