CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-5660

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile30.45th
Published2007年11月2日
Last Modified2026年4月23日

Vulnerability Description

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.

Affected Platforms (CPE)

📦
Macrovision

Flexnet Connect

All versions
📦
Macrovision

Installshield 2008

All versions
📦
Macrovision

Update Service

= 3.0
📦
Macrovision

Update Service

= 4.0
📦
Macrovision

Update Service

= 5.0
📦
Macrovision

Update Service

= 5.1.100_47363
📦
Macrovision

Update Service

= 6.0.100_60146

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618
🔗 http://osvdb.org/38347
🔗 http://secunia.com/advisories/27475
🔗 http://support.installshield.com/kb/view.asp?articleid=Q113020
🔗 http://support.installshield.com/kb/view.asp?articleid=Q113602
🔗 http://www.macrovision.com/promolanding/7660.htm
🔗 http://www.securityfocus.com/bid/26280
🔗 http://www.securitytracker.com/id?1018881

関連する脆弱性情報

CVE-2007-241910.0

Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x all...

CVE-2007-03219.3

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield...

CVE-2007-03289.3

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allo...

CVE-2008-10939.3

Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages ...