Vulnerability Description
The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.
CVSS Score
9.3
HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xunlei | Web Thunderbolt | 1.7.3.109 |
References
- http://osvdb.org/38474
- http://www.securityfocus.com/bid/24552
- http://www.whsafe.com/Article/ldgg/200706/12375.shtml
- http://osvdb.org/38474
- http://www.securityfocus.com/bid/24552
- http://www.whsafe.com/Article/ldgg/200706/12375.shtml
FAQ
What is CVE-2007-3296?
CVE-2007-3296 is a vulnerability with a CVSS score of 9.3 (HIGH). The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous meth...
How severe is CVE-2007-3296?
CVE-2007-3296 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3296?
Check the references section above for vendor advisories and patch information. Affected products include: Xunlei Web Thunderbolt.