OSVDB ID: 43956

Title: Macrovision InstallShield InstallScript One-Click Install ActiveX Arbitrary Code Execution

Info

Disclosure

Mar 31, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Mar 31, 2008

Description

Classification

Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch
Disclosure: Coordinated Disclosure
OSVDB: Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Macrovision has released a patch to address this vulnerability.

Products

Unknown or Incomplete

References

FrSIRT Advisory: ADV-2008-1049
Bugtraq ID: 28533
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=649
ISS X-Force ID: 41558
Secunia Advisory ID: 29549
CVE ID: 2007-5661 (see also: NVD)
Vendor Specific Solution URL: http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&e ......
Security Tracker: 1019735

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218