CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0321

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile17.35th
PublishedFeb 23, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method.

Affected Platforms (CPE)

πŸ“¦
Macrovision

Flexnet Connect

All versions

References & Advisories

πŸ”— http://osvdb.org/33532
πŸ”— http://secunia.com/advisories/24270
πŸ”— http://support.installshield.com/kb/view.asp?articleid=Q113020
πŸ”— http://www.kb.cert.org/vuls/id/847993
πŸ”— http://www.kb.cert.org/vuls/id/MAPG-6UERNR
πŸ”— http://www.vupen.com/english/advisories/2007/0706
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/32678
πŸ”— http://osvdb.org/33532

Related Vulnerabilities

CVE-2007-241910.0

Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x all...

CVE-2007-03289.3

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allo...

CVE-2007-56609.3

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect...

CVE-2008-10939.3

Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages ...