23 matches found
EUVD-2007-0323
Malware in sbrugna...
Design/Logic Flaw
Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control isusweb.dll 6.1.100.61372 in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method...
CVE-2008-4586
Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control isusweb.dll 6.1.100.61372 in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method...
CVE-2008-4587
Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control ISDM.exe 6.1.100.61372 in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. NOTE: this...
CVE-2008-4586
In CVE-2008-4586, the affected product is Macrovision FLEXnet Connect 6.1, specifically the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372). The issue is an insecure method vulnerability that allows remote attackers to force the download and execution of arbitrary file...
CVE-2008-4587
CVE-2008-4587 describes an insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) of Macrovision FLEXnet Connect 6.1. An attacker could force the download and execution of arbitrary files via AddFile and RunScheduledJobs, wit...
CVE-2008-4586
Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control isusweb.dll 6.1.100.61372 in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method...
Macrovision FLEXnet Connect ActiveX控件任意文件下载漏洞
BUGTRAQ ID: 27279 Macrovision FLEXnet Connect是一种应用软件的厂商为用户提供产品相关的更新及信息发布的工具。 FLEXnet Connect的ActiveX控件实现上存在漏洞,远程攻击者可能利用此漏洞下载任意文件到用户系统。 FLEXnet Connect所使用的DownloadManager控件: ISDM.exe version 6.1.100.61372 MVSNClientDownloadManager61Lib.DownloadManager FCED4482-7CCB-4E6F-86C9-DCB22B52843C...
Buffer overflow
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...
CVE-2007-5660
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...
CVE-2007-5660
CVE-2007-5660 affects Macrovision InstallShield Update Service ActiveX (Isusweb.dll). The connected sources describe a stack/remote buffer overflow in Isusweb.dll (Isusweb.dll 6.0.100.54472) exploited by passing an overly long ProductCode string to the DownloadAndExecute method, enabling arbitrar...
CVE-2007-5660
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...
CVE-2007-2419
Multiple buffer overflows in an ActiveX control boisweb.dll in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the 1 the second parameter to the DownloadAndExecute method and 2 third parameter to the AddFileEx method, a different...
Buffer overflow
Multiple buffer overflows in an ActiveX control boisweb.dll in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the 1 the second parameter to the DownloadAndExecute method and 2 third parameter to the AddFileEx method, a different...
CVE-2007-2419
CVE-2007-2419: A buffer overflow in the boisweb.dll ActiveX control used by Macrovision FLEXnet Connect 6.0 and Update Service 3.x–5.x allows remote code execution. The vulnerability is triggered by specific parameters to DownloadAndExecute (second parameter) and AddFileEx (third parameter). Tipp...
CVE-2007-0328
The DWUpdateService ActiveX control in the agent agent.exe in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via 1 the Execute method, and obtain the exit status using 2 the GetExitCode method...
Security feature bypass
The DWUpdateService ActiveX control in the agent agent.exe in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via 1 the Execute method, and obtain the exit status using 2 the GetExitCode method...
CVE-2007-0328
The DWUpdateService ActiveX control in the agent agent.exe in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via 1 the Execute method, and obtain the exit status using 2 the GetExitCode method...
Macrovision FLEXnet Connect Software Manager DWUpdateService ActiveX control contains dangerous methods
Overview The Macrovision FLEXnet Connect Software Manager DWUpdateService ActiveX control fails to restrict access to its methods, which can allow a remote, unauthenticated attacker to execute arbitrary commands on a vulnerable system. Description Macrovision FLEXnet Connect is a software package...
Buffer overflow
Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect formerly InstallShield Update Service allows remote attackers to execute arbitrary code via the Download method...