200 matches found
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
Immunity Canvas: INSTALLSHIELD
Name| installshield ---|--- CVE| CVE-2007-5660 Exploit Pack| CANVAS Description| Macrovision InstallShield 2008 ActiveX Buffer Overflow Notes| CVE Name: CVE-2007-5660 VENDOR: Macrovision Repeatability: Infinite client side - no crash CVS URL:...
Buffer overflow
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...
CVE-2007-5660
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...
CVE-2007-5660
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...
CVE-2007-5660
CVE-2007-5660 affects Macrovision InstallShield Update Service ActiveX (Isusweb.dll). The connected sources describe a stack/remote buffer overflow in Isusweb.dll (Isusweb.dll 6.0.100.54472) exploited by passing an overly long ProductCode string to the DownloadAndExecute method, enabling arbitrar...
Macrovision InstallShield升级服务ActiveX控件不安全方式漏洞
BUGTRAQ ID: 26280 CVECAN ID: CVE-2007-5660 MacroVision InstallShield是很多软件厂商都在使用的安装程序解决方案。 Macrovision InstallShield所安装的升级服务(Update Service)可选组件中存在多个不安全的方式,远程攻击者可能利用此漏洞通过诱使用户访问恶意网页控制用户系统。 该组件以以下ActiveX控件的形式实现: CLSID:E9880553-B8A7-4960-A668-95C68BED571E 文件:C:\Windows\Downloaded Files\isusweb.dll...
iDefense Security Advisory 10.31.07: Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability
Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability iDefense Security Advisory 10.31.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 31, 2007 I. BACKGROUND MacroVision InstallShield is an installer solution utilized by many software vendors in order to ensur...
FLEXnet Connect Update Service ActiveX Control Multiple Code Execution Vulnerabilities
Macrovision FLEXnet Connect, formerly known as InstallShield Update Service, is installed on the remote host. It is a software management solution for internally-developed and third-party applications, and may have been installed as part of the FLEXnet Connect SDK, other InstallShield software, o...
Code injection
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield IS release, uses weak permissions for cvpnd.exe Modify granted to Interactive Users, which allows local users to gain privileges via a modified cvpnd.exe...
Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client Advisory ID: cisco-sa-20070815-vpnclient http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml Revision 1.0 For Public Release 2007 August 15 1600...
InstallShield multiple security vulnerabilities
ActiveX elements and brwser plugins vulnerabilities...
FLEXnet Connect Update Service Agent ActiveX (isusweb.dll) Overflow
Macrovision FLEXnet Connect, formerly known as InstallShield Update Service, is installed on the remote host. It is a software management solution for internally-developed and third-party applications, and may have been installed as part of the FLEXnet Connect SDK, other InstallShield software, o...
CVE-2007-0321
Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect formerly InstallShield Update Service allows remote attackers to execute arbitrary code via the Download method...
CVE-2007-0321
CVE-2007-0321 affects Macrovision FLEXnet Connect (InstallShield Update Service) via the Update Service Agent ActiveX control isusweb.dll. The vulnerability is a buffer overflow in the Download method that could allow remote attackers to execute arbitrary code on the affected host. The descriptio...
InstallShield InstallFromTheWeb ActiveX Control Multiple Overflows
InstallFromTheWeb IFTW, a web-enabled software installation product from InstallShield, is installed on the remote host. The version of InstallFromTheWeb on the remote host includes an ActiveX control that is reportedly affected by multiple and, as yet, unspecified buffer overflow vulnerabilities...
Macrovision / InstallShield InstallFromTheWeb buffer overflows
Overview Macrovision / InstallShield InstallFromTheWeb contains multiple buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description InstallShield InstallFromTheWeb is a web-based software installation product for Microsoft Windows systems...
Macrovision FLEXnet Connect / InstallShield Update Service Agent ActiveX buffer overflows
Overview The Macrovision / InstallShield Update Service Web Agent ActiveX control contains buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description The InstallShield Update Service, now known as Macrovision FLEXnet Connect, contains an ActiveX...