MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

2008-01-04T00:00:00
ID SAINT:C2D4EE72D1BA335A46F5E1199A942C2D
Type saint
Reporter SAINT Corporation
Modified 2008-01-04T00:00:00

Description

Added: 01/04/2008
CVE: CVE-2007-6654
BID: 27013
OSVDB: 39980

Background

MacroVision InstallShield is software for creating installers or software packages.

Problem

A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads a specially crafted web page.

Resolution

Apply the patch, which marks the object as unsafe for scripting.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0553.html>

Limitations

Exploit works on Macrovision InstallShield 2008 and requires a user to load the exploit page in Internet Explorer.

Platforms

Windows