389 matches found
Microsoft Security Bulletin MS09-069 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392)
Microsoft Security Bulletin MS09-069 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service 974392 Published: December 08, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in...
Macrovision InstallShield Update Service Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Macrovision...
Microsoft Security Bulletin MS09-026 - Important Vulnerability in RPC Could Allow Elevation of Privilege (970238)
Microsoft Security Bulletin MS09-026 - Important Vulnerability in RPC Could Allow Elevation of Privilege 970238 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call RPC...
Microsoft Security Bulletin MS09-013 - Critical Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803)
Microsoft Security Bulletin MS09-013 - Critical Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution 960803 Published: April 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and two privately...
Macrovision InstallShield Update Service Agent ActiveX Memory Corruption (CVE-2008-2470)
Macrovision InstallShield is a software tool for creating installers or software packages. A memory corruption vulnerability has been reported in Macrovision InstallShield Update Service. The vulnerability is due to a design error in the Macrovision InstallShield Update Service while processing...
CVE-2008-2470
The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service memory corruption and browser crash and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response...
CVE-2008-2470
CVE-2008-2470 : The InstallShield Update Service Agent ActiveX control in isusweb.dll has a memory corruption vulnerability triggered by ExecuteRemote() with a URL returning 404. This can allow remote, unauthenticated attackers to execute arbitrary code or crash the browser. The issue affects the...
InstallShield Update Service Agent ActiveX control memory corruption
Overview The InstallShield Update Service ActiveX control contains a memory corruption vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The InstallShield Update Service contains an ActiveX control called Update Service...
Macrovision InstallShield Update Service ActiveX Control Code Execution (CVE-2007-5660)
Macrovision InstallShield is a software tool for creating installers or software packages. This vulnerability is due to errors in the Macrovision InstallShield Update Service ActiveX Control when handling webpage scripts. To trigger this issue, an attacker may create a malicious web page that wil...
Buffer overflow
Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument second argument to the DownloadAndExecute method, a different vulnerability than...
CVE-2007-6654
CVE-2007-6654 is a buffer overflow in Macrovision InstallShield Update Service Web Agent 5.1.100.47363, affecting its ActiveX control. A remote attacker can execute arbitrary code by passing a long ProductCode string as the second argument to the DownloadAndExecute method. This entry is distinct ...
MacroVision InstallShield Update Service DownloadAndExecute buffer overflow
Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...
MacroVision InstallShield Update Service DownloadAndExecute buffer overflow
Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...
MacroVision InstallShield Update Service DownloadAndExecute buffer overflow
Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...
Macrovision InstallShield ActiveX code execution
Unsafe Update Service ActiveX method allows code execution...
installshield-overflow.txt
The InstallShield Update Service Web Agent version 5.1.100.47363 suffers from an exploitable buffer overflow in the ProductCode parameter of the DownloadAndExecute function. This object is marked safe for scripting. Note that this issue appears to different from...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...