CVE-2007-5064
published 2007-09-24CVE-2007-5064: Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote…
PriorityP261medium6.8CVSS 2.0
AVNACMAuNCPIPAP
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
3.88%
88.9th percentile
Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xunlei | web_thunder | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The vulnerable method is DownURL2 on the DapPlayer ActiveX control (DapPlayer_Now.dll). Monitor for invocation of this method with an abnormally long first argument from a browser process (Internet Explorer). ↗
- →The exploit targets Xunlei Web Thunder 5.6.8.344 / 5.6.9.344. Presence of DapPlayer_Now.dll loaded in iexplore.exe is a high-fidelity indicator of exposure. ↗
- ·The exact ActiveX CLSID for DapPlayer_Now.dll is not specified in the sources; the DLL name is inferred from third-party information and should be confirmed before building kill-bit or registry-based detections. ↗
- ·The NVD entry lists version 5.6.9.344 while the SecurityFocus PoC references 5.6.8.344; both version strings should be included in version-based detection rules. ↗
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vulncheck6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jh86-jq8q-phx4: Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5
ghsa_unreviewed·2022-05-01
CVE-2007-5064 [MEDIUM] CWE-119 GHSA-jh86-jq8q-phx4: Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5
Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
VulnCheck
xunlei web_thunder Improper Restriction of Operations within the Bounds of a Memory Buffer
vulncheck·2007·CVSS 6.8
CVE-2007-5064 [MEDIUM] xunlei web_thunder Improper Restriction of Operations within the Bounds of a Memory Buffer
xunlei web_thunder Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
Affected: xunlei web_thunder
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=50063
No detection rules found.
No writeups or analysis indexed.
http://1v1.name/show-283-1.htmlhttp://osvdb.org/37777http://secunia.com/advisories/26964http://www.securityfocus.com/bid/25751http://www.vupen.com/english/advisories/2007/3309http://1v1.name/show-283-1.htmlhttp://osvdb.org/37777http://secunia.com/advisories/26964http://www.securityfocus.com/bid/25751http://www.vupen.com/english/advisories/2007/3309
2007-09-24
Published
Exploited in the wild