VYPR

InstallShield Update Agent

by Macrovision

CVEs (2)

  • CVE-2007-6654Jan 4, 2008
    risk 0.03cvss epss 0.06

    Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different…

  • CVE-2008-1093Sep 18, 2008
    risk 0.00cvss epss 0.02

    Acresso InstallShield Update Agent does not properly verify the authenticity of Rule Scripts obtained from GetRules.asp web pages on FLEXnet Connect servers, which allows remote man-in-the-middle attackers to execute arbitrary VBScript code via Trojan horse Rules.