Lucene search
K

116 matches found

Packet Storm
Packet Storm
added 2007/12/31 12:0 a.m.20 views

macrovision-overwrite.txt

MC has already made a Metasploit module for this, and Symantec has released BloodHound signatures for general isusweb abuse. Code is inline and attached. ---------------- Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf +...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/12/30 12:0 a.m.19 views

Macrovision Installshield - isusweb.dll Overwrite (SEH)

Macrovision Installshield - isusweb.dll Overwrite SEH Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf + 'A'; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var...

0.4AI score
Exploits0
0day.today
0day.today
added 2007/12/30 12:0 a.m.20 views

Macrovision Installshield isusweb.dll SEH Overwrite Exploit

Exploit for unknown platform in category remote exploits =========================================================== Macrovision Installshield isusweb.dll SEH Overwrite Exploit =========================================================== Macrovision Installshield isusweb.dll SEH Overwrite Exploit...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/30 12:0 a.m.34 views

Macrovision Installshield - 'isusweb.dll' Overwrite (SEH)

Macrovision Installshield isusweb.dll SEH Overwrite Exploit function Check var buf = 'A'; while buf.length = 599 buf = buf + 'A'; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2007/12/26 12:17 p.m.64 views

Macrovision InstallShield Update Service Buffer Overflow

This module exploits a stack buffer overflow in Macrovision InstallShield Update ServiceIsusweb.dll 6.0.100.54472. By passing an overly long ProductCode string to the DownloadAndExecute method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...

9.3CVSS1.1AI score0.36619EPSS
Exploits12
securityvulns
securityvulns
added 2007/12/12 12:0 a.m.59 views

Microsoft Security Bulletin MS07-067 – Important Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)

Microsoft Security Bulletin MS07-067 – Important Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege 944653 Published: December 11, 2007 | Updated: December 12, 2007 Version: 1.1 General Information Executive Summary This important security update resolves one publicly...

6.9CVSS1.4AI score0.02903EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2007/12/11 12:0 a.m.35 views

MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)

Macrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host. The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the...

6.9CVSS5.5AI score0.02903EPSS
Exploits2References2
Saint
Saint
added 2007/12/07 12:0 a.m.31 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Saint
Saint
added 2007/12/07 12:0 a.m.60 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Saint
Saint
added 2007/12/07 12:0 a.m.84 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Saint
Saint
added 2007/12/07 12:0 a.m.33 views

MacroVision InstallShield Update Service isusweb.dll unsafe method

Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.36619EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2007/11/13 12:0 a.m.88 views

Macrovision SafeDisc secdrv.sys Crafted METHOD_NEITHER IOCTL Local Overflow

Macrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host. The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the...

6.9CVSS5.5AI score0.02903EPSS
Exploits2References3
Prion
Prion
added 2007/11/02 4:46 p.m.26 views

Buffer overflow

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...

9.3CVSS8AI score0.36619EPSS
Exploits12References10Affected Software1
canvas
canvas
added 2007/11/02 4:46 p.m.39 views

Immunity Canvas: INSTALLSHIELD

Name| installshield ---|--- CVE| CVE-2007-5660 Exploit Pack| CANVAS Description| Macrovision InstallShield 2008 ActiveX Buffer Overflow Notes| CVE Name: CVE-2007-5660 VENDOR: Macrovision Repeatability: Infinite client side - no crash CVS URL:...

9.3CVSS6.3AI score0.36619EPSS
Exploits12
NVD
NVD
added 2007/11/02 4:46 p.m.20 views

CVE-2007-5660

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...

9.3CVSS7.7AI score0.36619EPSS
Exploits12References10
CVE
CVE
added 2007/11/02 4:0 p.m.150 views

CVE-2007-5660

CVE-2007-5660 affects Macrovision InstallShield Update Service ActiveX (Isusweb.dll). The connected sources describe a stack/remote buffer overflow in Isusweb.dll (Isusweb.dll 6.0.100.54472) exploited by passing an overly long ProductCode string to the DownloadAndExecute method, enabling arbitrar...

9.3CVSS7.6AI score0.36619EPSS
Exploits12References10Affected Software3
Cvelist
Cvelist
added 2007/11/02 4:0 p.m.35 views

CVE-2007-5660

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow...

7.7AI score0.36619EPSS
Exploits12References10
seebug.org
seebug.org
added 2007/11/02 12:0 a.m.29 views

Macrovision InstallShield升级服务ActiveX控件不安全方式漏洞

BUGTRAQ ID: 26280 CVECAN ID: CVE-2007-5660 MacroVision InstallShield是很多软件厂商都在使用的安装程序解决方案。 Macrovision InstallShield所安装的升级服务(Update Service)可选组件中存在多个不安全的方式,远程攻击者可能利用此漏洞通过诱使用户访问恶意网页控制用户系统。 该组件以以下ActiveX控件的形式实现: CLSID:E9880553-B8A7-4960-A668-95C68BED571E 文件:C:\Windows\Downloaded Files\isusweb.dll...

9.3CVSS6.4AI score0.36619EPSS
Exploits12
securityvulns
securityvulns
added 2007/11/02 12:0 a.m.79 views

iDefense Security Advisory 10.31.07: Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability

Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability iDefense Security Advisory 10.31.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 31, 2007 I. BACKGROUND MacroVision InstallShield is an installer solution utilized by many software vendors in order to ensur...

9.3CVSS0.8AI score0.36619EPSS
Exploits12
seebug.org
seebug.org
added 2007/10/26 12:0 a.m.31 views

Macrovision SafeDisc SecDRV.SYS驱动本地权限提升漏洞

BUGTRAQ ID: 26121 Macrovision的Safedisc是目前最常用在商业数据光盘上的防拷机制。 Safedisc的secdrv.sys实现上存在漏洞,本地攻击者可能利用此漏洞控制系统。 Safedisc所提供的secdrv.sys驱动中的以下代码段: .text:00015E2C cmp ebp+var10, 0CA002813h .text:00015E33 jz short loc15E69 IOCTL为METHODNEITHER,该驱动没有正确地处理这个方式: .text:00015ED9 call dword ptr eax+10h ; Internal...

6.9AI score
Exploits0
Rows per page
Query Builder