CVSS: 9.3EPSS: 96%CPEs: 7EXPL: 2CVE-2007-5660 – Macrovision Installshield Update Service - ActiveX Unsafe Method
https://notcve.org/view.php?id=CVE-2007-5660
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow. Vulnerabilidad sin especificar en el control de ActiveX Update Service en el isusweb.dll anterior al 6.0.100.65101 en el MacroVision FLEXnet Connect y InstallShield 2008 permite a atacantes remotos ejecutar código de su elección a través de "un método inseguro" sin especificar y, posiblemente, involucrando un desbordamiento de búfer. • https://www.exploit-db.com/exploits/16602 https://www.exploit-db.com/exploits/16573 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618 http://osvdb.org/38347 http://secunia.com/advisories/27475 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://support.installshield.com/kb/view.asp?articleid=Q113602 http://www.macrovision.com/promolanding/7660.htm http://www.securityfocus.com/bid/26280 http://www.securitytracker.com/id?1018881 http://www. •
CVSS: 10.0EPSS: 11%CPEs: 4EXPL: 0CVE-2007-2419
https://notcve.org/view.php?id=CVE-2007-2419
Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328. Múltiples desordamientos de búfer en un control ActiveX (boisweb.dll) en Macrovision FLEXnet Connect 6.0 y Update Service 3.x hasta 5.x permite a atacantes remotos ejecutar código de su elección a través de (1) el segudo parámetro del método DownloadAndExecute y (2) el tercer parámetro del método AddFileEx, una vulnerabilidad diferente de CVE-2007-0328. • http://dvlabs.tippingpoint.com/advisory/TPTI-07-09 http://osvdb.org/36983 http://secunia.com/advisories/25509 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.securityfocus.com/archive/1/470585/100/0/threaded http://www.securitytracker.com/id?1018195 http://www.vupen.com/english/advisories/2007/2070 https://exchange.xforce.ibmcloud.com/vulnerabilities/34721 •
CVSS: 9.3EPSS: 3%CPEs: 4EXPL: 0CVE-2007-0328
https://notcve.org/view.php?id=CVE-2007-0328
The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method. El control ActiveX DWUpdateService en el agente (agent.exe) en Macrovision FLEXnet Connect versión 6.0 y Update Service versiones 3.x hasta 5.x, permite a atacantes remotos ejecutar comandos arbitrarios por medio de (1) el método Execute y obtener el estado de salida usando (2) el método GetExitCode. • http://osvdb.org/36896 http://secunia.com/advisories/25501 http://secunia.com/advisories/32842 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html http://www.kb.cert.org/vuls/id/524681 http://www.vupen.com/english/advisories/2007/2017 http://www.vupen.com/english/advisories/2008/3278 https://exchange.xforce.ibmcloud.com/vulnerabilities/34660 •