Flexera InstallShield < 2024 R1 Privilege Escalation (CVE-2024-7562)

The version of Flexera InstallShield installed on the remote host is prior to 2024 R1. It is, therefore, affected by a privilege escalation vulnerability: - A privilege escalation vulnerability exists in standalone MSI setups built with InstallShield that have multiple InstallScript custom action...

EUVD-2023-32683

Malicious code in bioql PyPI...

EUVD-2024-54679

Malicious code in bioql PyPI...

CVE-2024-7562

A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2 are affected by this issue...

CVE-2024-7562

A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2 are affected by this issue...

CVE-2024-7562

A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2 are affected by this issue...

Flexera InstallShield 安全漏洞

Flexera InstallShield is a development kit that creates Microsoft Windows installers from Flexera USA. A security vulnerability exists in InstallShield versions 2023 R2, 2022 R2, and 2021 R2 that stems from a potential elevation of privilege when configuring multiple InstallScript customization...

CVE-2021-41526

A vulnerability has been reported in the windows installer MSI built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action...

CVE-2023-29080

Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting few binaries to a predefined writable folder during installation time. The standard user account has...

PT-2025-1387 · Revenera · Revenera Installshield

Name of the Vulnerable Software and Affected Versions: Revenera InstallShield versions 2021 R2 through 2022 R2 Description: The issue concerns a potential privilege escalation vulnerability due to the addition of an InstallScript custom action to a Basic MSI or InstallScript MSI project. This...

CVE-2021-41526

A vulnerability has been reported in the windows installer MSI built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action...

Privilege escalation

A vulnerability has been reported in the windows installer MSI built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action...

CVE-2021-41526

A vulnerability has been reported in the windows installer MSI built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an InstallScript custom action...

CVE-2021-41526

CVE-2021-41526 affects Windows Installer (MSI) built with InstallScript actions from InstallShield. The issue allows local privilege escalation when an MSI repair triggers an InstallScript custom action, enabling elevation to Administrator in affected installs. Public reports and mappings (e.g., ...

InstallShield 安全漏洞

Flexera InstallShield is a development kit from US-based Flexera that makes Microsoft Windows installers. A security vulnerability exists in InstallShield that stems from the fact that building Windows installers MSIs using InstallScript custom actions may allow elevation of privilege...

PT-2022-11422 · Microsoft · Windows Installer

Name of the Vulnerable Software and Affected Versions: Windows Installer MSI built with InstallScript custom action affected versions not specified Description: A vulnerability has been reported in the Windows Installer MSI built with InstallScript custom action, which may allow privilege...

Installshield 2009 File Overwrite

""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" """ :::::: :: :: :: :: :: :::: """ """ :: :: :: :: :::::: .. :::: :: """ """ ::::: ::: ::::: :: :: :: :: :: :::: """ """ :: :: :: :: : :: :: :: :: :: :: """ """ :::::: :: :: ::::: :: :::::: :: :: :::: rs.ir """ """ :: """ """ """...

Code injection

The Macrovision InstallShield InstallScript One-Click Install OCI ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine...

CVE-2007-5661

The Macrovision InstallShield InstallScript One-Click Install OCI ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine...

CVE-2007-5661

The Macrovision InstallShield InstallScript One-Click Install OCI ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine...