CVE-2007-5064

EXPLOITED

Xunlei Web Thunder 5.6.9.344 - Buffer Overflow via DownURL2 Method

Title source: llm

Exploitation Summary

CVE-2007-5064 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including 7jdg.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Xunlei Web Thunder's ActiveX control via a maliciously crafted webpage. It uses a heap spray technique to execute arbitrary shellcode, leading to remote code execution in the context of the application.

Description

Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer ActiveX control in DapPlayer_Now.dll, allows remote attackers to execute arbitrary code via a long first argument to the DownURL2 method. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by 7jdg · htmlremotewindows

https://www.exploit-db.com/exploits/30600

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Xunlei Web Thunder's ActiveX control via a maliciously crafted webpage. It uses a heap spray technique to execute arbitrary shellcode, leading to remote code execution in the context of the application.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Xunlei Web Thunder 5.6.8.344

No auth needed

Prerequisites: Victim must visit a maliciously crafted webpage using Internet Explorer with the vulnerable ActiveX control installed

MITRE ATT&CK