Lucene search
K

210 matches found

Saint
Saint
added 2008/01/04 12:0 a.m.32 views

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

9.3CVSS6.9AI score0.05554EPSS
Exploits5
Packet Storm
Packet Storm
added 2007/12/31 12:0 a.m.19 views

macrovision-overwrite.txt

MC has already made a Metasploit module for this, and Symantec has released BloodHound signatures for general isusweb abuse. Code is inline and attached. ---------------- Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf +...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/12/30 12:0 a.m.18 views

Macrovision Installshield - isusweb.dll Overwrite (SEH)

Macrovision Installshield - isusweb.dll Overwrite SEH Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf + 'A'; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var...

0.4AI score
Exploits0
0day.today
0day.today
added 2007/12/30 12:0 a.m.19 views

Macrovision Installshield isusweb.dll SEH Overwrite Exploit

Exploit for unknown platform in category remote exploits =========================================================== Macrovision Installshield isusweb.dll SEH Overwrite Exploit =========================================================== Macrovision Installshield isusweb.dll SEH Overwrite Exploit...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/30 12:0 a.m.33 views

Macrovision Installshield - 'isusweb.dll' Overwrite (SEH)

Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf + 'A'; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2007/12/26 12:17 p.m.53 views

Macrovision InstallShield Update Service Buffer Overflow

This module exploits a stack buffer overflow in Macrovision InstallShield Update ServiceIsusweb.dll 6.0.100.54472. By passing an overly long ProductCode string to the DownloadAndExecute method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...

9.3CVSS1.1AI score0.36619EPSS
Exploits12
securityvulns
securityvulns
added 2007/12/26 12:0 a.m.44 views

[Full-disclosure] Installshield Update Service isusweb.dll Buffer Overflow

The InstallShield Update Service Web Agent version 5.1.100.47363 suffers from an exploitable buffer overflow in the ProductCode parameter of the DownloadAndExecute function. This object is marked safe for scripting. Note that this issue appears to different from...

1AI score
Exploits0
securityvulns
securityvulns
added 2007/12/26 12:0 a.m.50 views

Macrovision InstallShield ActiveX code execution

Unsafe Update Service ActiveX method allows code execution...

9.3CVSS4.2AI score0.36619EPSS
Exploits12References2Affected Software1
Packet Storm
Packet Storm
added 2007/12/24 12:0 a.m.21 views

installshield-overflow.txt

The InstallShield Update Service Web Agent version 5.1.100.47363 suffers from an exploitable buffer overflow in the ProductCode parameter of the DownloadAndExecute function. This object is marked safe for scripting. Note that this issue appears to different from...

7.4AI score
Exploits0
Saint
Saint
added 2007/12/07 12:0 a.m.31 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Saint
Saint
added 2007/12/07 12:0 a.m.60 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Saint
Saint
added 2007/12/07 12:0 a.m.84 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Saint
Saint
added 2007/12/07 12:0 a.m.33 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Prion
Prion
added 2007/11/02 4:46 p.m.26 views

Buffer overflow

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...

9.3CVSS8AI score0.36619EPSS
Exploits12References10Affected Software1
canvas
canvas
added 2007/11/02 4:46 p.m.39 views

Immunity Canvas: INSTALLSHIELD

Name| installshield ---|--- CVE| CVE-2007-5660 Exploit Pack| CANVAS Description| Macrovision InstallShield 2008 ActiveX Buffer Overflow Notes| CVE Name: CVE-2007-5660 VENDOR: Macrovision Repeatability: Infinite client side - no crash CVS URL:...

9.3CVSS6.3AI score0.36619EPSS
Exploits12
NVD
NVD
added 2007/11/02 4:46 p.m.20 views

CVE-2007-5660

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...

9.3CVSS7.7AI score0.36619EPSS
Exploits12References10
Cvelist
Cvelist
added 2007/11/02 4:0 p.m.35 views

CVE-2007-5660

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...

7.7AI score0.36619EPSS
Exploits12References10
CVE
CVE
added 2007/11/02 4:0 p.m.149 views

CVE-2007-5660

CVE-2007-5660 affects Macrovision InstallShield Update Service ActiveX (Isusweb.dll). The connected sources describe a stack/remote buffer overflow in Isusweb.dll (Isusweb.dll 6.0.100.54472) exploited by passing an overly long ProductCode string to the DownloadAndExecute method, enabling arbitrar...

9.3CVSS7.6AI score0.36619EPSS
Exploits12References10Affected Software3
seebug.org
seebug.org
added 2007/11/02 12:0 a.m.28 views

Macrovision InstallShield升级服务ActiveX控件不安全方式漏洞

BUGTRAQ ID: 26280 CVECAN ID: CVE-2007-5660 MacroVision InstallShield是很多软件厂商都在使用的安装程序解决方案。 Macrovision InstallShield所安装的升级服务(Update Service)可选组件中存在多个不安全的方式,远程攻击者可能利用此漏洞通过诱使用户访问恶意网页控制用户系统。 该组件以以下ActiveX控件的形式实现: CLSID:E9880553-B8A7-4960-A668-95C68BED571E 文件:C:\Windows\Downloaded Files\isusweb.dll...

9.3CVSS6.4AI score0.36619EPSS
Exploits12
securityvulns
securityvulns
added 2007/11/02 12:0 a.m.79 views

iDefense Security Advisory 10.31.07: Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability

Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability iDefense Security Advisory 10.31.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 31, 2007 I. BACKGROUND MacroVision InstallShield is an installer solution utilized by many software vendors in order to ensur...

9.3CVSS0.8AI score0.36619EPSS
Exploits12
Rows per page
Query Builder