Fortinet Discovers Thunder ActiveX Control Remote Code Execution Vulnerability
Fortinet's FortiGuard Labs has discovered remote code execution vulnerability in Thunder ActiveX Control.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jun 11, 2008
Upgrade to latest version available from http://www.xunlei.com.
The vulnerability exists in the "Put()" method implemented in "DapCtrl" DLL file.
Haifei Li of Fortinet's FortiGuard Global Security Research Team