Intrusion Prevention

Xunlei.Thunder.DapPlayer.ActiveX.Code.Execution

Description

There is a buffer overflow vulnerability in an ActiveX control that is part of Xunlei Web Thunder 5.6.9.344. It may allow remote attackers to execute arbitrary code via a long first argument to the DownURL2 method.

Affected Products

Xunlei Web Thunder 5.6.9.344

Impact

System compromise, remote code execution.

Recommended Actions

Currently we are not aware of any vendor supplied patches for this issue.

CVE References

CVE-2007-5064