Vulnerabilities for Flexnet connect (...) - CXSECURITY.COM

Vulnerabilities for 'Flexnet connect'

2008-09-18

CVE-2008-2470

CWE-noinfo

The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response.

2007-11-02

CVE-2007-5660

CWE-noinfo

Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.

2007-06-06

CVE-2007-2419

CWE-Other

Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.

2007-05-31

CVE-2007-0328

CWE-DesignError

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.

2007-02-22

CVE-2007-0321

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method.

>>> Vendor: Macrovision 7 Products

Installfromtheweb

Flexnet connect

Installanywhere

Installshield 2008

Copyright 2024, cxsecurity.com