CVSS: 9.3EPSS: 74%CPEs: 1EXPL: 0CVE-2008-2470
https://notcve.org/view.php?id=CVE-2008-2470
The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response. El control ActiveX InstallShield Update Service Agent en isusweb.dll que permite a los atacantes remotos causar una denegación de servicios (corrupción de memoria y caída del navegador) y posiblemente ejecutar arbitrariamente código a través de una llamada a ExecuteRemote con una URL que resulta de una respuesta de error 404. • http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.kb.cert.org/vuls/id/630017 http://www.securityfocus.com/bid/31235 http://www.vupen.com/english/advisories/2008/2625 https://exchange.xforce.ibmcloud.com/vulnerabilities/45248 •
CVSS: 9.3EPSS: 96%CPEs: 7EXPL: 2CVE-2007-5660 – Macrovision Installshield Update Service - ActiveX Unsafe Method
https://notcve.org/view.php?id=CVE-2007-5660
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow. Vulnerabilidad sin especificar en el control de ActiveX Update Service en el isusweb.dll anterior al 6.0.100.65101 en el MacroVision FLEXnet Connect y InstallShield 2008 permite a atacantes remotos ejecutar código de su elección a través de "un método inseguro" sin especificar y, posiblemente, involucrando un desbordamiento de búfer. • https://www.exploit-db.com/exploits/16602 https://www.exploit-db.com/exploits/16573 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618 http://osvdb.org/38347 http://secunia.com/advisories/27475 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://support.installshield.com/kb/view.asp?articleid=Q113602 http://www.macrovision.com/promolanding/7660.htm http://www.securityfocus.com/bid/26280 http://www.securitytracker.com/id?1018881 http://www. •
CVSS: 10.0EPSS: 11%CPEs: 4EXPL: 0CVE-2007-2419
https://notcve.org/view.php?id=CVE-2007-2419
Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328. Múltiples desordamientos de búfer en un control ActiveX (boisweb.dll) en Macrovision FLEXnet Connect 6.0 y Update Service 3.x hasta 5.x permite a atacantes remotos ejecutar código de su elección a través de (1) el segudo parámetro del método DownloadAndExecute y (2) el tercer parámetro del método AddFileEx, una vulnerabilidad diferente de CVE-2007-0328. • http://dvlabs.tippingpoint.com/advisory/TPTI-07-09 http://osvdb.org/36983 http://secunia.com/advisories/25509 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.securityfocus.com/archive/1/470585/100/0/threaded http://www.securitytracker.com/id?1018195 http://www.vupen.com/english/advisories/2007/2070 https://exchange.xforce.ibmcloud.com/vulnerabilities/34721 •
CVSS: 9.3EPSS: 3%CPEs: 4EXPL: 0CVE-2007-0328
https://notcve.org/view.php?id=CVE-2007-0328
The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method. El control ActiveX DWUpdateService en el agente (agent.exe) en Macrovision FLEXnet Connect versión 6.0 y Update Service versiones 3.x hasta 5.x, permite a atacantes remotos ejecutar comandos arbitrarios por medio de (1) el método Execute y obtener el estado de salida usando (2) el método GetExitCode. • http://osvdb.org/36896 http://secunia.com/advisories/25501 http://secunia.com/advisories/32842 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html http://www.kb.cert.org/vuls/id/524681 http://www.vupen.com/english/advisories/2007/2017 http://www.vupen.com/english/advisories/2008/3278 https://exchange.xforce.ibmcloud.com/vulnerabilities/34660 •
CVSS: 9.3EPSS: 11%CPEs: 1EXPL: 0CVE-2007-0321
https://notcve.org/view.php?id=CVE-2007-0321
Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method. Desbordamiento de búfer en el control ActiveX Update Service Agent en isusweb.dll para Macrovision FLEXnet Connect (antiguamente InstallShield Update Service) permite a atacantes remotos ejecutar código de su elección mediante el método Download. • http://osvdb.org/33532 http://secunia.com/advisories/24270 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.kb.cert.org/vuls/id/847993 http://www.kb.cert.org/vuls/id/MAPG-6UERNR http://www.vupen.com/english/advisories/2007/0706 https://exchange.xforce.ibmcloud.com/vulnerabilities/32678 •