OSVDB ID: 85539

Title: Flexera AdminStudio / InstallShield ISGrid.dll ActiveX DoFindReplace() Method Memory Corruption

Dates

Disclosure: Aug 29, 2012
Discovery: Unknown
Exploit: Unknown
Solution: Aug 14, 2012

Description

A memory corruption flaw exists in Flexera AdminStudio and InstallShield. The ISGrid.dll ActiveX control fails to sanitize user-supplied input passed to the DoFindReplace() method, resulting in heap corruption. This may allow a context-dependent attacker to execute arbitrary code.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private
Disclosure: Coordinated Disclosure

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Novell has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Flexera Software LLC.

AdminStudio: 9.0, 9.5, 10.0, Limited Editions
InstallShield: 2009, 2010, 2011, Limited Editions

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/85539