SB20071117 - Remote code execution in Xunlei Thunder

Description

This security bulletin contains information about 1 security vulnerability.

1) Heap-based buffer overflow (CVE-ID: CVE-2007-6144)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to boundary error in PPlayer.XPPlayer.1 ActiveX control when handling long strings passed via FlvPlayerUrl property value. A remote attacker can create a specially crafted web page, trick the victim into visiting it, cause a heap-based buffer overflow and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in compromise of vulnerable system.

Note: this vulnerability was being actively exploited.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• http://betanews.com/2008/05/19/ten-thousand-servers-hit-in-sql-injection-hack/
• http://www.pcworld.com/article/146048/article.html
• https://forums.whatthetech.com/index.php?showtopic=91131
• https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=50081