CVSS: 9.3EPSS: 74%CPEs: 1EXPL: 0CVE-2008-2470
https://notcve.org/view.php?id=CVE-2008-2470
The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response. El control ActiveX InstallShield Update Service Agent en isusweb.dll que permite a los atacantes remotos causar una denegación de servicios (corrupción de memoria y caída del navegador) y posiblemente ejecutar arbitrariamente código a través de una llamada a ExecuteRemote con una URL que resulta de una respuesta de error 404. • http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.kb.cert.org/vuls/id/630017 http://www.securityfocus.com/bid/31235 http://www.vupen.com/english/advisories/2008/2625 https://exchange.xforce.ibmcloud.com/vulnerabilities/45248 •
CVSS: 10.0EPSS: 11%CPEs: 4EXPL: 0CVE-2007-2419
https://notcve.org/view.php?id=CVE-2007-2419
Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328. Múltiples desordamientos de búfer en un control ActiveX (boisweb.dll) en Macrovision FLEXnet Connect 6.0 y Update Service 3.x hasta 5.x permite a atacantes remotos ejecutar código de su elección a través de (1) el segudo parámetro del método DownloadAndExecute y (2) el tercer parámetro del método AddFileEx, una vulnerabilidad diferente de CVE-2007-0328. • http://dvlabs.tippingpoint.com/advisory/TPTI-07-09 http://osvdb.org/36983 http://secunia.com/advisories/25509 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.securityfocus.com/archive/1/470585/100/0/threaded http://www.securitytracker.com/id?1018195 http://www.vupen.com/english/advisories/2007/2070 https://exchange.xforce.ibmcloud.com/vulnerabilities/34721 •
CVSS: 9.3EPSS: 3%CPEs: 4EXPL: 0CVE-2007-0328
https://notcve.org/view.php?id=CVE-2007-0328
The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method. El control ActiveX DWUpdateService en el agente (agent.exe) en Macrovision FLEXnet Connect versión 6.0 y Update Service versiones 3.x hasta 5.x, permite a atacantes remotos ejecutar comandos arbitrarios por medio de (1) el método Execute y obtener el estado de salida usando (2) el método GetExitCode. • http://osvdb.org/36896 http://secunia.com/advisories/25501 http://secunia.com/advisories/32842 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html http://www.kb.cert.org/vuls/id/524681 http://www.vupen.com/english/advisories/2007/2017 http://www.vupen.com/english/advisories/2008/3278 https://exchange.xforce.ibmcloud.com/vulnerabilities/34660 •