CVE-2007-5661

The CVE-2007-5661 issue affects Macrovision InstallShield InstallScript One-Click Install ActiveX control (12.0 before SP2). The OCI ActiveX loads DLLs from remote sites without validating the libraries, enabling remote code execution with the user’s privileges when a user visits a crafted web pa...

Macrovision InstallShield InstallScript OCI控件不可信任库代码执行漏洞

BUGTRAQ ID: 28533 CVECAN ID: CVE-2007-5661 MacroVision InstallShield是很多软件厂商都在使用的安装程序解决方案。 InstallShield所安装的InstallScript One-Click Install ActiveX控件加载了不可信任的函数库，可能允许远程攻击者以当前登录用户的权限执行任意命令。 InstallShield InstallScript One-Click Install控件的属性如下： 文件：%WINDIR%\Downloaded Program Files\setup.exe...

Macrovision InstallShield InstallScript One-Click Install ActiveX code exectuion

Control allows to download and execute dynamic library from remote site...