Description
Xunlei Thunder before 7.2.6 allows remote attackers to execute arbitrary code via a crafted file, related to a "DLL injection vulnerability."
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://safe.xunlei.com/announce/xl20120306.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74811
Various Sources x_refsource_misc
http://blog.vulnhunt.com/index.php/2012/03/06/cal-2012-0006xunlei-dll-injection-vulnerability/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53191
Scores
EPSS
0.0275
EPSS Percentile
84.4%
Details
CWE
CWE-94
Status
published
Products (1)
xunlei/thunder
7.2.6
Published
Apr 11, 2012
Tracked Since
Feb 18, 2026