Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6654

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-6654
Last Modified 15 Nov 2008 02:05:44
Published 04 Jan 2008 06:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6654

Summary

Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660.

Vulnerable Systems

Application

  • Macrovision Update Service 5.1.100 47363


References

XF - macrovision-isusweb-bo(39204)

MILW0RM - 4819

OSVDB - 39980

FULLDISC - 20071224 Installshield Update Service isusweb.dll Buffer Overflow


Last Updated: 27 May 2016 10:46:35