Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities by xunlei
CVE-2012-2224 (GCVE-0-2012-2224)
Vulnerability from nvd – Published: 2012-04-11 10:00 – Updated: 2024-08-06 19:26
VLAI
EPSS
VEX
Summary
Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://safe.xunlei.com/announce/xl20120306.html | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://blog.vulnhunt.com/index.php/2012/03/06/cal… | x_refsource_MISC |
| http://www.securityfocus.com/bid/53191 | vdb-entryx_refsource_BID |
Date Public
2012-03-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:09.029Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://safe.xunlei.com/announce/xl20120306.html"
},
{
"name": "xunlei-dll-code-execution(74811)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
},
{
"name": "53191",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53191"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://safe.xunlei.com/announce/xl20120306.html"
},
{
"name": "xunlei-dll-code-execution(74811)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
},
{
"name": "53191",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53191"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://safe.xunlei.com/announce/xl20120306.html",
"refsource": "CONFIRM",
"url": "http://safe.xunlei.com/announce/xl20120306.html"
},
{
"name": "xunlei-dll-code-execution(74811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
},
{
"name": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/",
"refsource": "MISC",
"url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
},
{
"name": "53191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53191"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2224",
"datePublished": "2012-04-11T10:00:00.000Z",
"dateReserved": "2012-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:26:09.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6144 (GCVE-0-2007-6144)
Vulnerability from nvd – Published: 2007-11-27 19:00 – Updated: 2024-08-07 15:54
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.nohack.cn/hacknews/20071119/1916.html | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2007/3982 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/39680 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/26536 | vdb-entryx_refsource_BID |
| http://www.sebug.net/exploit/2575 | x_refsource_MISC |
| http://secunia.com/advisories/27795 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-11-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nohack.cn/hacknews/20071119/1916.html"
},
{
"name": "ADV-2007-3982",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3982"
},
{
"name": "39680",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39680"
},
{
"name": "26536",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26536"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sebug.net/exploit/2575"
},
{
"name": "27795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nohack.cn/hacknews/20071119/1916.html"
},
{
"name": "ADV-2007-3982",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3982"
},
{
"name": "39680",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39680"
},
{
"name": "26536",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26536"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sebug.net/exploit/2575"
},
{
"name": "27795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27795"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nohack.cn/hacknews/20071119/1916.html",
"refsource": "MISC",
"url": "http://www.nohack.cn/hacknews/20071119/1916.html"
},
{
"name": "ADV-2007-3982",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3982"
},
{
"name": "39680",
"refsource": "OSVDB",
"url": "http://osvdb.org/39680"
},
{
"name": "26536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26536"
},
{
"name": "http://www.sebug.net/exploit/2575",
"refsource": "MISC",
"url": "http://www.sebug.net/exploit/2575"
},
{
"name": "27795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27795"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6144",
"datePublished": "2007-11-27T19:00:00.000Z",
"dateReserved": "2007-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:54:26.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5064 (GCVE-0-2007-5064)
Vulnerability from nvd – Published: 2007-09-24 22:00 – Updated: 2024-08-07 15:17
VLAI
EPSS
VEX
Summary
Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://1v1.name/show-283-1.html | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2007/3309 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/26964 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/37777 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25751 | vdb-entryx_refsource_BID |
Date Public
2007-09-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://1v1.name/show-283-1.html"
},
{
"name": "ADV-2007-3309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3309"
},
{
"name": "26964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26964"
},
{
"name": "37777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37777"
},
{
"name": "25751",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-05T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://1v1.name/show-283-1.html"
},
{
"name": "ADV-2007-3309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3309"
},
{
"name": "26964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26964"
},
{
"name": "37777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37777"
},
{
"name": "25751",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25751"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://1v1.name/show-283-1.html",
"refsource": "MISC",
"url": "http://1v1.name/show-283-1.html"
},
{
"name": "ADV-2007-3309",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3309"
},
{
"name": "26964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26964"
},
{
"name": "37777",
"refsource": "OSVDB",
"url": "http://osvdb.org/37777"
},
{
"name": "25751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25751"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5064",
"datePublished": "2007-09-24T22:00:00.000Z",
"dateReserved": "2007-09-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3296 (GCVE-0-2007-3296)
Vulnerability from nvd – Published: 2007-06-20 21:00 – Updated: 2024-08-07 14:14
VLAI
EPSS
VEX
Summary
The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://osvdb.org/38474 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/24552 | vdb-entryx_refsource_BID |
| http://www.whsafe.com/Article/ldgg/200706/12375.shtml | x_refsource_MISC |
Date Public
2007-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:12.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38474"
},
{
"name": "24552",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24552"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "38474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38474"
},
{
"name": "24552",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24552"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38474",
"refsource": "OSVDB",
"url": "http://osvdb.org/38474"
},
{
"name": "24552",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24552"
},
{
"name": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml",
"refsource": "MISC",
"url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3296",
"datePublished": "2007-06-20T21:00:00.000Z",
"dateReserved": "2007-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:14:12.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2224 (GCVE-0-2012-2224)
Vulnerability from cvelistv5 – Published: 2012-04-11 10:00 – Updated: 2024-08-06 19:26
VLAI
EPSS
VEX
Summary
Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://safe.xunlei.com/announce/xl20120306.html | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://blog.vulnhunt.com/index.php/2012/03/06/cal… | x_refsource_MISC |
| http://www.securityfocus.com/bid/53191 | vdb-entryx_refsource_BID |
Date Public
2012-03-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:09.029Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://safe.xunlei.com/announce/xl20120306.html"
},
{
"name": "xunlei-dll-code-execution(74811)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
},
{
"name": "53191",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53191"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://safe.xunlei.com/announce/xl20120306.html"
},
{
"name": "xunlei-dll-code-execution(74811)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
},
{
"name": "53191",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53191"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a \"DLL injection vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://safe.xunlei.com/announce/xl20120306.html",
"refsource": "CONFIRM",
"url": "http://safe.xunlei.com/announce/xl20120306.html"
},
{
"name": "xunlei-dll-code-execution(74811)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74811"
},
{
"name": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/",
"refsource": "MISC",
"url": "http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/"
},
{
"name": "53191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53191"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2224",
"datePublished": "2012-04-11T10:00:00.000Z",
"dateReserved": "2012-04-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:26:09.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6144 (GCVE-0-2007-6144)
Vulnerability from cvelistv5 – Published: 2007-11-27 19:00 – Updated: 2024-08-07 15:54
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.nohack.cn/hacknews/20071119/1916.html | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2007/3982 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/39680 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/26536 | vdb-entryx_refsource_BID |
| http://www.sebug.net/exploit/2575 | x_refsource_MISC |
| http://secunia.com/advisories/27795 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-11-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nohack.cn/hacknews/20071119/1916.html"
},
{
"name": "ADV-2007-3982",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3982"
},
{
"name": "39680",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39680"
},
{
"name": "26536",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26536"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sebug.net/exploit/2575"
},
{
"name": "27795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nohack.cn/hacknews/20071119/1916.html"
},
{
"name": "ADV-2007-3982",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3982"
},
{
"name": "39680",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39680"
},
{
"name": "26536",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26536"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sebug.net/exploit/2575"
},
{
"name": "27795",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27795"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nohack.cn/hacknews/20071119/1916.html",
"refsource": "MISC",
"url": "http://www.nohack.cn/hacknews/20071119/1916.html"
},
{
"name": "ADV-2007-3982",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3982"
},
{
"name": "39680",
"refsource": "OSVDB",
"url": "http://osvdb.org/39680"
},
{
"name": "26536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26536"
},
{
"name": "http://www.sebug.net/exploit/2575",
"refsource": "MISC",
"url": "http://www.sebug.net/exploit/2575"
},
{
"name": "27795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27795"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6144",
"datePublished": "2007-11-27T19:00:00.000Z",
"dateReserved": "2007-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:54:26.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5064 (GCVE-0-2007-5064)
Vulnerability from cvelistv5 – Published: 2007-09-24 22:00 – Updated: 2024-08-07 15:17
VLAI
EPSS
VEX
Summary
Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://1v1.name/show-283-1.html | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2007/3309 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/26964 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/37777 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/25751 | vdb-entryx_refsource_BID |
Date Public
2007-09-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://1v1.name/show-283-1.html"
},
{
"name": "ADV-2007-3309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3309"
},
{
"name": "26964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26964"
},
{
"name": "37777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37777"
},
{
"name": "25751",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-05T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://1v1.name/show-283-1.html"
},
{
"name": "ADV-2007-3309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3309"
},
{
"name": "26964",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26964"
},
{
"name": "37777",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37777"
},
{
"name": "25751",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25751"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://1v1.name/show-283-1.html",
"refsource": "MISC",
"url": "http://1v1.name/show-283-1.html"
},
{
"name": "ADV-2007-3309",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3309"
},
{
"name": "26964",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26964"
},
{
"name": "37777",
"refsource": "OSVDB",
"url": "http://osvdb.org/37777"
},
{
"name": "25751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25751"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5064",
"datePublished": "2007-09-24T22:00:00.000Z",
"dateReserved": "2007-09-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:17:28.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3296 (GCVE-0-2007-3296)
Vulnerability from cvelistv5 – Published: 2007-06-20 21:00 – Updated: 2024-08-07 14:14
VLAI
EPSS
VEX
Summary
The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://osvdb.org/38474 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/24552 | vdb-entryx_refsource_BID |
| http://www.whsafe.com/Article/ldgg/200706/12375.shtml | x_refsource_MISC |
Date Public
2007-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:12.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38474"
},
{
"name": "24552",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24552"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "38474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38474"
},
{
"name": "24552",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24552"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38474",
"refsource": "OSVDB",
"url": "http://osvdb.org/38474"
},
{
"name": "24552",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24552"
},
{
"name": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml",
"refsource": "MISC",
"url": "http://www.whsafe.com/Article/ldgg/200706/12375.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3296",
"datePublished": "2007-06-20T21:00:00.000Z",
"dateReserved": "2007-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:14:12.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}