Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6744

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2007-6744
Last Modified 20 Jan 2012 12:00:00
Published 19 Jan 2012 02:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-6744

Summary

Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified vectors, related to an incorrect interaction between InstallShield and Signcode.exe.

Vulnerable Systems

Application

  • Flexerasoftware Installshield 1.0

  • Flexerasoftware Installshield 10.5

  • Flexerasoftware Installshield 11

  • Flexerasoftware Installshield 11.5

  • Flexerasoftware Installshield 12

  • Flexerasoftware Installshield 2.0

  • Flexerasoftware Installshield 3.0


References

CONFIRM - http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Installation-InstallShield-InstallShield2008Premier-Public-ProductInfo-IS2008PremProReleaseNotes2pdf&sliceId=pdfPage_42


Last Updated: 27 May 2016 10:57:22