Installshield 2008
by Macrovision
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5660 | 0.06 | — | 0.37 | Nov 2, 2007 | Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow. | |||
| CVE-2007-6744 | 0.00 | — | 0.00 | Jan 19, 2012 | Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified vectors, related to an… | |||
| CVE-2007-5661 | 0.00 | — | 0.02 | Apr 4, 2008 | The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine. |
- CVE-2007-5660Nov 2, 2007risk 0.06cvss —epss 0.37
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
- CVE-2007-6744Jan 19, 2012risk 0.00cvss —epss 0.00
Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified vectors, related to an…
- CVE-2007-5661Apr 4, 2008risk 0.00cvss —epss 0.02
The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine.