Back to CVE Browser

CVE-2007-5660

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.0780%

EPSS Percentile30.45th

PublishedNov 2, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.

Affected Platforms (CPE)

📦

Macrovision

Flexnet Connect

All versions

📦

Macrovision

Installshield 2008

All versions

📦

Macrovision

Update Service

= 3.0

📦

Macrovision

Update Service

= 4.0

📦

Macrovision

Update Service

= 5.0

📦

Macrovision

Update Service

= 5.1.100_47363

📦

Macrovision

Update Service

= 6.0.100_60146

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618

🔗 http://osvdb.org/38347

🔗 http://secunia.com/advisories/27475

🔗 http://support.installshield.com/kb/view.asp?articleid=Q113020

🔗 http://support.installshield.com/kb/view.asp?articleid=Q113602

🔗 http://www.macrovision.com/promolanding/7660.htm

🔗 http://www.securityfocus.com/bid/26280

🔗 http://www.securitytracker.com/id?1018881

Related Vulnerabilities

CVE-2007-241910.0

Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x all...

CVE-2007-03219.3

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield...

CVE-2007-03289.3

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allo...

CVE-2008-10939.3

Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages ...