Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    8 vulnerabilities by xunlei

    CVE-2012-2224 (GCVE-0-2012-2224)

    Vulnerability from nvd – Published: 2012-04-11 10:00 – Updated: 2024-08-06 19:26
    VLAI
    Summary
    Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-03-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:26:09.029Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://safe.xunlei.com/announce/xl20120306.html"
              },
              {
                "name": "xunlei-dll-code-execution(74811)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
              },
              {
                "name": "53191",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/53191"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-03-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-19T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://safe.xunlei.com/announce/xl20120306.html"
            },
            {
              "name": "xunlei-dll-code-execution(74811)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
            },
            {
              "name": "53191",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/53191"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-2224",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://safe.xunlei.com/announce/xl20120306.html",
                  "refsource": "CONFIRM",
                  "url": "http://safe.xunlei.com/announce/xl20120306.html"
                },
                {
                  "name": "xunlei-dll-code-execution(74811)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
                },
                {
                  "name": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
                },
                {
                  "name": "53191",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/53191"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-2224",
        "datePublished": "2012-04-11T10:00:00.000Z",
        "dateReserved": "2012-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-06T19:26:09.029Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-6144 (GCVE-0-2007-6144)

    Vulnerability from nvd – Published: 2007-11-27 19:00 – Updated: 2024-08-07 15:54
    VLAI
    Summary
    Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.nohack.cn/hacknews/20071119/1916.html x_refsource_MISC
    http://www.vupen.com/english/advisories/2007/3982 vdb-entryx_refsource_VUPEN
    http://osvdb.org/39680 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/26536 vdb-entryx_refsource_BID
    http://www.sebug.net/exploit/2575 x_refsource_MISC
    http://secunia.com/advisories/27795 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:54:26.872Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nohack.cn/hacknews/20071119/1916.html"
              },
              {
                "name": "ADV-2007-3982",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3982"
              },
              {
                "name": "39680",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39680"
              },
              {
                "name": "26536",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26536"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.sebug.net/exploit/2575"
              },
              {
                "name": "27795",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27795"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nohack.cn/hacknews/20071119/1916.html"
            },
            {
              "name": "ADV-2007-3982",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3982"
            },
            {
              "name": "39680",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39680"
            },
            {
              "name": "26536",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26536"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.sebug.net/exploit/2575"
            },
            {
              "name": "27795",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27795"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-6144",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.nohack.cn/hacknews/20071119/1916.html",
                  "refsource": "MISC",
                  "url": "http://www.nohack.cn/hacknews/20071119/1916.html"
                },
                {
                  "name": "ADV-2007-3982",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3982"
                },
                {
                  "name": "39680",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39680"
                },
                {
                  "name": "26536",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26536"
                },
                {
                  "name": "http://www.sebug.net/exploit/2575",
                  "refsource": "MISC",
                  "url": "http://www.sebug.net/exploit/2575"
                },
                {
                  "name": "27795",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27795"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-6144",
        "datePublished": "2007-11-27T19:00:00.000Z",
        "dateReserved": "2007-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:54:26.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5064 (GCVE-0-2007-5064)

    Vulnerability from nvd – Published: 2007-09-24 22:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://1v1.name/show-283-1.html x_refsource_MISC
    http://www.vupen.com/english/advisories/2007/3309 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/26964 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37777 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/25751 vdb-entryx_refsource_BID
    Date Public
    2007-09-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.038Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://1v1.name/show-283-1.html"
              },
              {
                "name": "ADV-2007-3309",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3309"
              },
              {
                "name": "26964",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26964"
              },
              {
                "name": "37777",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37777"
              },
              {
                "name": "25751",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25751"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-05T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://1v1.name/show-283-1.html"
            },
            {
              "name": "ADV-2007-3309",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3309"
            },
            {
              "name": "26964",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26964"
            },
            {
              "name": "37777",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37777"
            },
            {
              "name": "25751",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25751"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5064",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://1v1.name/show-283-1.html",
                  "refsource": "MISC",
                  "url": "http://1v1.name/show-283-1.html"
                },
                {
                  "name": "ADV-2007-3309",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3309"
                },
                {
                  "name": "26964",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26964"
                },
                {
                  "name": "37777",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37777"
                },
                {
                  "name": "25751",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25751"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5064",
        "datePublished": "2007-09-24T22:00:00.000Z",
        "dateReserved": "2007-09-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.038Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3296 (GCVE-0-2007-3296)

    Vulnerability from nvd – Published: 2007-06-20 21:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/38474 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24552 vdb-entryx_refsource_BID
    http://www.whsafe.com/Article/ldgg/200706/12375.shtml x_refsource_MISC
    Date Public
    2007-06-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:12.642Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "38474",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38474"
              },
              {
                "name": "24552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24552"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "38474",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38474"
            },
            {
              "name": "24552",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24552"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3296",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "38474",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38474"
                },
                {
                  "name": "24552",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24552"
                },
                {
                  "name": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml",
                  "refsource": "MISC",
                  "url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3296",
        "datePublished": "2007-06-20T21:00:00.000Z",
        "dateReserved": "2007-06-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:12.642Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-2224 (GCVE-0-2012-2224)

    Vulnerability from cvelistv5 – Published: 2012-04-11 10:00 – Updated: 2024-08-06 19:26
    VLAI
    Summary
    Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-03-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:26:09.029Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://safe.xunlei.com/announce/xl20120306.html"
              },
              {
                "name": "xunlei-dll-code-execution(74811)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
              },
              {
                "name": "53191",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/53191"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-03-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-19T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://safe.xunlei.com/announce/xl20120306.html"
            },
            {
              "name": "xunlei-dll-code-execution(74811)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
            },
            {
              "name": "53191",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/53191"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-2224",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://safe.xunlei.com/announce/xl20120306.html",
                  "refsource": "CONFIRM",
                  "url": "http://safe.xunlei.com/announce/xl20120306.html"
                },
                {
                  "name": "xunlei-dll-code-execution(74811)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
                },
                {
                  "name": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
                },
                {
                  "name": "53191",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/53191"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-2224",
        "datePublished": "2012-04-11T10:00:00.000Z",
        "dateReserved": "2012-04-11T00:00:00.000Z",
        "dateUpdated": "2024-08-06T19:26:09.029Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-6144 (GCVE-0-2007-6144)

    Vulnerability from cvelistv5 – Published: 2007-11-27 19:00 – Updated: 2024-08-07 15:54
    VLAI
    Summary
    Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.nohack.cn/hacknews/20071119/1916.html x_refsource_MISC
    http://www.vupen.com/english/advisories/2007/3982 vdb-entryx_refsource_VUPEN
    http://osvdb.org/39680 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/26536 vdb-entryx_refsource_BID
    http://www.sebug.net/exploit/2575 x_refsource_MISC
    http://secunia.com/advisories/27795 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-11-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:54:26.872Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nohack.cn/hacknews/20071119/1916.html"
              },
              {
                "name": "ADV-2007-3982",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3982"
              },
              {
                "name": "39680",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39680"
              },
              {
                "name": "26536",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26536"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.sebug.net/exploit/2575"
              },
              {
                "name": "27795",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27795"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nohack.cn/hacknews/20071119/1916.html"
            },
            {
              "name": "ADV-2007-3982",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3982"
            },
            {
              "name": "39680",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39680"
            },
            {
              "name": "26536",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26536"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.sebug.net/exploit/2575"
            },
            {
              "name": "27795",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27795"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-6144",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.nohack.cn/hacknews/20071119/1916.html",
                  "refsource": "MISC",
                  "url": "http://www.nohack.cn/hacknews/20071119/1916.html"
                },
                {
                  "name": "ADV-2007-3982",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3982"
                },
                {
                  "name": "39680",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39680"
                },
                {
                  "name": "26536",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26536"
                },
                {
                  "name": "http://www.sebug.net/exploit/2575",
                  "refsource": "MISC",
                  "url": "http://www.sebug.net/exploit/2575"
                },
                {
                  "name": "27795",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27795"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-6144",
        "datePublished": "2007-11-27T19:00:00.000Z",
        "dateReserved": "2007-11-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:54:26.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5064 (GCVE-0-2007-5064)

    Vulnerability from cvelistv5 – Published: 2007-09-24 22:00 – Updated: 2024-08-07 15:17
    VLAI
    Summary
    Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://1v1.name/show-283-1.html x_refsource_MISC
    http://www.vupen.com/english/advisories/2007/3309 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/26964 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37777 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/25751 vdb-entryx_refsource_BID
    Date Public
    2007-09-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:17:28.038Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://1v1.name/show-283-1.html"
              },
              {
                "name": "ADV-2007-3309",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3309"
              },
              {
                "name": "26964",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26964"
              },
              {
                "name": "37777",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37777"
              },
              {
                "name": "25751",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25751"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-09-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2007-10-05T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://1v1.name/show-283-1.html"
            },
            {
              "name": "ADV-2007-3309",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3309"
            },
            {
              "name": "26964",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26964"
            },
            {
              "name": "37777",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37777"
            },
            {
              "name": "25751",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25751"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5064",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://1v1.name/show-283-1.html",
                  "refsource": "MISC",
                  "url": "http://1v1.name/show-283-1.html"
                },
                {
                  "name": "ADV-2007-3309",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3309"
                },
                {
                  "name": "26964",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26964"
                },
                {
                  "name": "37777",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37777"
                },
                {
                  "name": "25751",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25751"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5064",
        "datePublished": "2007-09-24T22:00:00.000Z",
        "dateReserved": "2007-09-24T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:17:28.038Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3296 (GCVE-0-2007-3296)

    Vulnerability from cvelistv5 – Published: 2007-06-20 21:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/38474 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/24552 vdb-entryx_refsource_BID
    http://www.whsafe.com/Article/ldgg/200706/12375.shtml x_refsource_MISC
    Date Public
    2007-06-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:12.642Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "38474",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38474"
              },
              {
                "name": "24552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24552"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-11-15T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "38474",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38474"
            },
            {
              "name": "24552",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24552"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3296",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "38474",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38474"
                },
                {
                  "name": "24552",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24552"
                },
                {
                  "name": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml",
                  "refsource": "MISC",
                  "url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3296",
        "datePublished": "2007-06-20T21:00:00.000Z",
        "dateReserved": "2007-06-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:12.642Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }