CVE-2007-5660

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618
http://osvdb.org/38347
http://secunia.com/advisories/27475	Patch Vendor Advisory
http://support.installshield.com/kb/view.asp?articleid=Q113020	Patch
http://support.installshield.com/kb/view.asp?articleid=Q113602	Patch
http://www.macrovision.com/promolanding/7660.htm	Patch
http://www.securityfocus.com/bid/26280	Patch
http://www.securitytracker.com/id?1018881
http://www.vupen.com/english/advisories/2007/3670
https://exchange.xforce.ibmcloud.com/vulnerabilities/38210
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618
http://osvdb.org/38347
http://secunia.com/advisories/27475	Patch Vendor Advisory
http://support.installshield.com/kb/view.asp?articleid=Q113020	Patch
http://support.installshield.com/kb/view.asp?articleid=Q113602	Patch
http://www.macrovision.com/promolanding/7660.htm	Patch
http://www.securityfocus.com/bid/26280	Patch
http://www.securitytracker.com/id?1018881
http://www.vupen.com/english/advisories/2007/3670
https://exchange.xforce.ibmcloud.com/vulnerabilities/38210

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:macrovision:flexnet_connect::::::::
	cpe:2.3:a:macrovision:installshield_2008::::::::
	cpe:2.3:a:macrovision:update_service:3.0:::::::*
	cpe:2.3:a:macrovision:update_service:4.0:::::::*
	cpe:2.3:a:macrovision:update_service:5.0:::::::*
	cpe:2.3:a:macrovision:update_service:5.1.100_47363:::::::*
	cpe:2.3:a:macrovision:update_service:6.0.100_60146:::::::*

History

21 Nov 2024, 00:38

Type	Values Removed	Values Added
References	~~() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618 -~~	() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618 -
References	~~() http://osvdb.org/38347 -~~	() http://osvdb.org/38347 -
References	~~() http://secunia.com/advisories/27475 - Patch, Vendor Advisory~~	() http://secunia.com/advisories/27475 - Patch, Vendor Advisory
References	~~() http://support.installshield.com/kb/view.asp?articleid=Q113020 - Patch~~	() http://support.installshield.com/kb/view.asp?articleid=Q113020 - Patch
References	~~() http://support.installshield.com/kb/view.asp?articleid=Q113602 - Patch~~	() http://support.installshield.com/kb/view.asp?articleid=Q113602 - Patch
References	~~() http://www.macrovision.com/promolanding/7660.htm - Patch~~	() http://www.macrovision.com/promolanding/7660.htm - Patch
References	~~() http://www.securityfocus.com/bid/26280 - Patch~~	() http://www.securityfocus.com/bid/26280 - Patch
References	~~() http://www.securitytracker.com/id?1018881 -~~	() http://www.securitytracker.com/id?1018881 -
References	~~() http://www.vupen.com/english/advisories/2007/3670 -~~	() http://www.vupen.com/english/advisories/2007/3670 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/38210 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/38210 -

Information

Published : 2007-11-02 16:46

Updated : 2024-11-21 00:38

NVD link : CVE-2007-5660

Mitre link : CVE-2007-5660

CVE.ORG link : CVE-2007-5660

JSON object : View

Products Affected

macrovision

installshield_2008
flexnet_connect
update_service

CWE

NVD-CWE-noinfo

9.3 /10