cpe:/a:xunlei:web_thunder:5.7.4:401 CVE-2007-6144 2007-11-27T14:46:00.000-05:00 2011-03-07T22:02:02.937-05:00 6.0 NETWORK MEDIUM SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-11-28T11:11:00.000-05:00 ALLOWS_OTHER_ACCESS BID 26536 SECUNIA 27795 OSVDB 39680 VUPEN ADV-2007-3982 MISC http://www.nohack.cn/hacknews/20071119/1916.html MISC http://www.sebug.net/exploit/2575 Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information.