Dec3
2:11 am (UTC-7)   |   by Justine Paredes (Technical Communications)

There have been reports of a vulnerability in XunleiThunder PPlayer’s ActiveX control, a component of the Chinese software Xunlei Thunder 5.7.4 40.

TrendLabs Researcher Jonell Baltazar reveals that the talked about vulnerability on Xunlei Thunder is in the file pplayer.dll (version 1.2.3.49) included in the Thunder 5.x software package, specifically in the “FlvPlayerUrl” method where passing a specially crafted string can cause an overflow within the program and can lead to code execution.

This vulnerability is also being actively exploited. It is included in one of the malicious Web pages as a result of the iFrames found while visiting gameige.com. The related blog entry can be found here.

Until a patch is created by the software vendor, it is advisable to refrain from using the said software. In the meantime, a possible workaround is to set the kill bit for the CLSID F3E70CEA-956E-49CC-B444-73AFE593AD7 in order to disable the vulnerable ActiveX Control in Internet Explorer.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Monday, December 3rd, 2007 at 2:11 am and is filed under Exploits . Responses are closed, but you can trackback from your own site.



Comments are closed.


The Hazards of Doing Home Work
Consented Blackmail


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice