CVE-2007-6144| Date: (C)2007-11-27 (M)2015-12-16 |
| |
| CVSS Score: 6.0 | Access Vector: NETWORK |
| Exploitability Subscore: 6.8 | Access Complexity: MEDIUM |
| Impact Subscore: 6.4 | Authentication: SINGLE_INSTANCE |
| | Confidentiality: PARTIAL |
| | Integrity: PARTIAL |
| | Availability: PARTIAL |
Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.
