CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 0CVE-2007-5661
https://notcve.org/view.php?id=CVE-2007-5661
The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine. El control ActiveX Macrovision InstallShield InstallScript One-Click Install (OCI) 12.0 versiones anteriores SP2 no valida los ficheros DLL que se consideran como parámetros del control, lo cual permite a atacantes remotos descargar código de librerías de su elección de la máquina cliente. • http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=649 http://secunia.com/advisories/29549 http://securitytracker.com/id?1019735 http://www.securityfocus.com/bid/28533 http://www.vupen.com/english/advisories/2008/1049 https://exchange.xforce.ibmcloud.com/vulnerabilities/41558 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 96%CPEs: 7EXPL: 2CVE-2007-5660 – Macrovision Installshield Update Service - ActiveX Unsafe Method
https://notcve.org/view.php?id=CVE-2007-5660
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow. Vulnerabilidad sin especificar en el control de ActiveX Update Service en el isusweb.dll anterior al 6.0.100.65101 en el MacroVision FLEXnet Connect y InstallShield 2008 permite a atacantes remotos ejecutar código de su elección a través de "un método inseguro" sin especificar y, posiblemente, involucrando un desbordamiento de búfer. • https://www.exploit-db.com/exploits/16602 https://www.exploit-db.com/exploits/16573 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618 http://osvdb.org/38347 http://secunia.com/advisories/27475 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://support.installshield.com/kb/view.asp?articleid=Q113602 http://www.macrovision.com/promolanding/7660.htm http://www.securityfocus.com/bid/26280 http://www.securitytracker.com/id?1018881 http://www. •