Macrovision InstallShield Update Service ActiveX Control Code Execution (CVE-2007-5660)

Macrovision InstallShield is a software tool for creating installers or software packages. This vulnerability is due to errors in the Macrovision InstallShield Update Service ActiveX Control when handling webpage scripts. To trigger this issue, an attacker may create a malicious web page that wil...

flexnet-overwrite.txt

Who: Macrovision What: Macrovision FlexNext Connect is a software package that allows ISV's to update their software products. It is generally used in conjunction with the InstallShield software deploymnet framework. FlexNet uses a number of ActiveX controls, some of which are marked safe for...

Macrovision Installshield isusweb.dll SEH Overwrite Exploit

No description provided by source. !-- written by e.b. Macrovision Installshield isusweb.dll SEH Overwrite Exploit Tested on Windows XP SP2fully patched English, IE6, isusweb.dll version 5.1.100.47363 Thanks to h.d.m. and the Metasploit crew -- html head...

CVE-2007-6654

Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument second argument to the DownloadAndExecute method, a different vulnerability than...

Buffer overflow

Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument second argument to the DownloadAndExecute method, a different vulnerability than...

CVE-2007-6654

Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument second argument to the DownloadAndExecute method, a different vulnerability than...

CVE-2007-6654

CVE-2007-6654 is a buffer overflow in Macrovision InstallShield Update Service Web Agent 5.1.100.47363, affecting its ActiveX control. A remote attacker can execute arbitrary code by passing a long ProductCode string as the second argument to the DownloadAndExecute method. This entry is distinct ...

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

macrovision-overwrite.txt

MC has already made a Metasploit module for this, and Symantec has released BloodHound signatures for general isusweb abuse. Code is inline and attached. ---------------- Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf +...

Macrovision Installshield isusweb.dll SEH Overwrite Exploit

Exploit for unknown platform in category remote exploits =========================================================== Macrovision Installshield isusweb.dll SEH Overwrite Exploit =========================================================== Macrovision Installshield isusweb.dll SEH Overwrite Exploit...

Macrovision Installshield - isusweb.dll Overwrite (SEH)

Macrovision Installshield - isusweb.dll Overwrite SEH Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf + 'A'; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var...

Macrovision Installshield - 'isusweb.dll' Overwrite (SEH)

Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf + 'A'; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...

Macrovision InstallShield Update Service Buffer Overflow

This module exploits a stack buffer overflow in Macrovision InstallShield Update ServiceIsusweb.dll 6.0.100.54472. By passing an overly long ProductCode string to the DownloadAndExecute method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...

Macrovision InstallShield ActiveX code execution

Unsafe Update Service ActiveX method allows code execution...

[Full-disclosure] Installshield Update Service isusweb.dll Buffer Overflow

The InstallShield Update Service Web Agent version 5.1.100.47363 suffers from an exploitable buffer overflow in the ProductCode parameter of the DownloadAndExecute function. This object is marked safe for scripting. Note that this issue appears to different from...

installshield-overflow.txt

The InstallShield Update Service Web Agent version 5.1.100.47363 suffers from an exploitable buffer overflow in the ProductCode parameter of the DownloadAndExecute function. This object is marked safe for scripting. Note that this issue appears to different from...

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...