Security Bulletin: Vulnerability in InstallShield affects IBM WebSphere eXtreme Scale .NET client installation (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to an DLL-planting vulnerability during installation of the .NET client Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to gain elevated privileges on the syste...

Unshield Directory Traversal Vulnerability

nshield is a library that extracts CAB files from InstallShield installers. A directory traversal vulnerability exists in unshield version 1.0-1. An attacker can exploit this vulnerability to browse for files...

Flexera InstallShield Detection (Windows SMB Login)

SMB login-based detection of Flexera InstallShield. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Flexera InstallShield Privilege Escalation Vulnerability

Flexera InstallShield is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Flexera InstallShield Installed

Binary data flexerainstallshieldinstalled.nbin...

Flexera InstallShield Untrusted Search Path Vulnerability

The Flexera InstallShield application installed on the remote host is missing a vendor-supplied hotfix. It is, therefore, affected by an untrusted search path vulnerability due to looking for specific files or libraries in the current working directory, which may not be trusted or under user...

InstallShield DLL Hijacking

Hi @ll, executable installers ° created with InstallShield see alias are vulnerable: 1. Their wrappers/self-extractors load and execute a rogue/bogus/ malicious RichEd32.dll ' and other DLLs too, dependent on the version of Windows eventually found in the directory they are started from the...

Flexera InstallShield Untrusted Search Path Vulnerability

Flexera InstallShield is a Windows installation development solution. An untrusted search path vulnerability in Flexera InstallShield 2015 SP1 and prior versions allows local users to gain privileges via a Trojan horse DLL in the current working directory of the launcher executable...

CVE-2016-2542

Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file...

CVE-2016-2542

Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file...

Design/Logic Flaw

Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file...

CVE-2016-2542

CVE-2016-2542 is an untrusted search path vulnerability (DLL hijacking) in Flexera InstallShield up to 2015 SP1, enabling local privilege escalation via a Trojan DLL in the setup-launcher’s working directory. Connected sources cite vulnerable installers in Brother/Mitsubishi/IBM products and advi...

CVE-2016-2542

Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file...

PT-2016-3439

Name of the Vulnerable Software and Affected Versions Flexera InstallShield through 2015 SP1 AVEVA Edge InstallShield affected versions not specified Description The issue is related to an untrusted search path vulnerability that allows local users to gain privileges via a Trojan horse DLL in the...

Macrovision InstallShield Update Service Buffer Overflow

No description provided by source. $Id: macrovisiondownloadandexecute.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

CVE-2013-1079

Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls th...

Directory traversal

Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls th...

CVE-2013-1079

CVE-2013-1079 relates to a directory traversal vulnerability in the ISCreateObject method of the ISProxy ActiveX object used by Novell ZENworks AdminStudio (ISProxy.dll). The flaw, triggered by a crafted web page that also calls Initialize, can cause the underlying OS to load arbitrary local DLLs...

CVE-2013-1079

Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls th...

Flexera Multiple Products ISGrid.dll ActiveX Control Code Execution

A heap buffer overflow vulnerability has been reported in Flexera's AdminStudio and InstallShield...