Intrusion Prevention

Thunder.XPPlayer.FlvPlayerUrl.Handle.Buffer.Overflow

Description

This indicates an attempt to exploit a vulnerability in Xunlei Thunder that can be exploited by attackers to execute arbitrary code.
The vulnerability is caused by a boundary check error in "xplayer.dll_1_work". An attacker can cause a heap based buffer overflow by assigning an overly long (greater than 1060 bytes) string to the "FlvPlayerUrl" property of the "PPlayer.XPPlayer.1" ActiveX control (pplayer.dll_1_work).

Affected Products

The vulnerability is confirmed in version 5.7.4.401.
Other versions may also be affected.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Check the vendor's web site for a patch or update.
Set the kill bit for the affected ActiveX control.

CVE References

CVE-2007-6144