Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for update_service by macrovision

    CVE-2007-6654 (GCVE-0-2007-6654)

    Vulnerability from nvd – Published: 2008-01-04 11:00 – Updated: 2024-08-07 16:18
    VLAI
    Summary
    Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/4819 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/39980 vdb-entryx_refsource_OSVDB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:18:19.248Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4819",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4819"
              },
              {
                "name": "39980",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39980"
              },
              {
                "name": "20071224 Installshield Update Service isusweb.dll Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059288.html"
              },
              {
                "name": "macrovision-isusweb-bo(39204)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39204"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4819",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4819"
            },
            {
              "name": "39980",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39980"
            },
            {
              "name": "20071224 Installshield Update Service isusweb.dll Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059288.html"
            },
            {
              "name": "macrovision-isusweb-bo(39204)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39204"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-6654",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4819",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4819"
                },
                {
                  "name": "39980",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39980"
                },
                {
                  "name": "20071224 Installshield Update Service isusweb.dll Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059288.html"
                },
                {
                  "name": "macrovision-isusweb-bo(39204)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39204"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-6654",
        "datePublished": "2008-01-04T11:00:00.000Z",
        "dateReserved": "2008-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:18:19.248Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5660 (GCVE-0-2007-5660)

    Vulnerability from nvd – Published: 2007-11-02 16:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://support.installshield.com/kb/view.asp?arti… x_refsource_CONFIRM
    http://secunia.com/advisories/27475 third-party-advisoryx_refsource_SECUNIA
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://osvdb.org/38347 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2007/3670 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018881 vdb-entryx_refsource_SECTRACK
    http://www.macrovision.com/promolanding/7660.htm x_refsource_CONFIRM
    http://www.securityfocus.com/bid/26280 vdb-entryx_refsource_BID
    http://support.installshield.com/kb/view.asp?arti… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-10-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.712Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
              },
              {
                "name": "27475",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27475"
              },
              {
                "name": "20071031 Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618"
              },
              {
                "name": "38347",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38347"
              },
              {
                "name": "ADV-2007-3670",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3670"
              },
              {
                "name": "1018881",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018881"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.macrovision.com/promolanding/7660.htm"
              },
              {
                "name": "26280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26280"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113602"
              },
              {
                "name": "macrovision-isusweb-code-execution(38210)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38210"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified \"unsafe method,\" possibly involving a buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
            },
            {
              "name": "27475",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27475"
            },
            {
              "name": "20071031 Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618"
            },
            {
              "name": "38347",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38347"
            },
            {
              "name": "ADV-2007-3670",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3670"
            },
            {
              "name": "1018881",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018881"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.macrovision.com/promolanding/7660.htm"
            },
            {
              "name": "26280",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26280"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113602"
            },
            {
              "name": "macrovision-isusweb-code-execution(38210)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38210"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified \"unsafe method,\" possibly involving a buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113020",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
                },
                {
                  "name": "27475",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27475"
                },
                {
                  "name": "20071031 Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618"
                },
                {
                  "name": "38347",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38347"
                },
                {
                  "name": "ADV-2007-3670",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3670"
                },
                {
                  "name": "1018881",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018881"
                },
                {
                  "name": "http://www.macrovision.com/promolanding/7660.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.macrovision.com/promolanding/7660.htm"
                },
                {
                  "name": "26280",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26280"
                },
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113602",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113602"
                },
                {
                  "name": "macrovision-isusweb-code-execution(38210)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38210"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5660",
        "datePublished": "2007-11-02T16:00:00.000Z",
        "dateReserved": "2007-10-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.712Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2419 (GCVE-0-2007-2419)

    Vulnerability from nvd – Published: 2007-06-06 10:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-06-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.724Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
              },
              {
                "name": "macrovision-boisweb-bo(34721)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34721"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09"
              },
              {
                "name": "ADV-2007-2070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2070"
              },
              {
                "name": "36983",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36983"
              },
              {
                "name": "25509",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25509"
              },
              {
                "name": "20070605 TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470585/100/0/threaded"
              },
              {
                "name": "1018195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018195"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
            },
            {
              "name": "macrovision-boisweb-bo(34721)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34721"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09"
            },
            {
              "name": "ADV-2007-2070",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2070"
            },
            {
              "name": "36983",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36983"
            },
            {
              "name": "25509",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25509"
            },
            {
              "name": "20070605 TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470585/100/0/threaded"
            },
            {
              "name": "1018195",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018195"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2419",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113020",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
                },
                {
                  "name": "macrovision-boisweb-bo(34721)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34721"
                },
                {
                  "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09",
                  "refsource": "MISC",
                  "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09"
                },
                {
                  "name": "ADV-2007-2070",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2070"
                },
                {
                  "name": "36983",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36983"
                },
                {
                  "name": "25509",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25509"
                },
                {
                  "name": "20070605 TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470585/100/0/threaded"
                },
                {
                  "name": "1018195",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018195"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2419",
        "datePublished": "2007-06-06T10:00:00.000Z",
        "dateReserved": "2007-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.724Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-0328 (GCVE-0-2007-0328)

    Vulnerability from nvd – Published: 2007-06-01 00:00 – Updated: 2024-08-07 12:12
    VLAI
    Summary
    The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/36896 vdb-entryx_refsource_OSVDB
    http://support.installshield.com/kb/view.asp?arti… x_refsource_CONFIRM
    http://secunia.com/advisories/32842 third-party-advisoryx_refsource_SECUNIA
    http://www.blackberry.com/btsc/articles/749/KB164… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2017 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25501 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2008/3278 vdb-entryx_refsource_VUPEN
    http://www.kb.cert.org/vuls/id/524681 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:12:18.093Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36896",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36896"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
              },
              {
                "name": "32842",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32842"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html"
              },
              {
                "name": "ADV-2007-2017",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2017"
              },
              {
                "name": "25501",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25501"
              },
              {
                "name": "ADV-2008-3278",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/3278"
              },
              {
                "name": "VU#524681",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/524681"
              },
              {
                "name": "macrovision-dwupdate-command-execution(34660)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34660"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "36896",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36896"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
            },
            {
              "name": "32842",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32842"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html"
            },
            {
              "name": "ADV-2007-2017",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2017"
            },
            {
              "name": "25501",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25501"
            },
            {
              "name": "ADV-2008-3278",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/3278"
            },
            {
              "name": "VU#524681",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/524681"
            },
            {
              "name": "macrovision-dwupdate-command-execution(34660)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34660"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2007-0328",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36896",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36896"
                },
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113020",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
                },
                {
                  "name": "32842",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32842"
                },
                {
                  "name": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html"
                },
                {
                  "name": "ADV-2007-2017",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2017"
                },
                {
                  "name": "25501",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25501"
                },
                {
                  "name": "ADV-2008-3278",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/3278"
                },
                {
                  "name": "VU#524681",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/524681"
                },
                {
                  "name": "macrovision-dwupdate-command-execution(34660)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34660"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2007-0328",
        "datePublished": "2007-06-01T00:00:00.000Z",
        "dateReserved": "2007-01-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:12:18.093Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-6654 (GCVE-0-2007-6654)

    Vulnerability from cvelistv5 – Published: 2008-01-04 11:00 – Updated: 2024-08-07 16:18
    VLAI
    Summary
    Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/4819 exploitx_refsource_EXPLOIT-DB
    http://osvdb.org/39980 vdb-entryx_refsource_OSVDB
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:18:19.248Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "4819",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4819"
              },
              {
                "name": "39980",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/39980"
              },
              {
                "name": "20071224 Installshield Update Service isusweb.dll Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059288.html"
              },
              {
                "name": "macrovision-isusweb-bo(39204)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39204"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "4819",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4819"
            },
            {
              "name": "39980",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/39980"
            },
            {
              "name": "20071224 Installshield Update Service isusweb.dll Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059288.html"
            },
            {
              "name": "macrovision-isusweb-bo(39204)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39204"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-6654",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "4819",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4819"
                },
                {
                  "name": "39980",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/39980"
                },
                {
                  "name": "20071224 Installshield Update Service isusweb.dll Buffer Overflow",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059288.html"
                },
                {
                  "name": "macrovision-isusweb-bo(39204)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39204"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-6654",
        "datePublished": "2008-01-04T11:00:00.000Z",
        "dateReserved": "2008-01-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:18:19.248Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5660 (GCVE-0-2007-5660)

    Vulnerability from cvelistv5 – Published: 2007-11-02 16:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://support.installshield.com/kb/view.asp?arti… x_refsource_CONFIRM
    http://secunia.com/advisories/27475 third-party-advisoryx_refsource_SECUNIA
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://osvdb.org/38347 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2007/3670 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018881 vdb-entryx_refsource_SECTRACK
    http://www.macrovision.com/promolanding/7660.htm x_refsource_CONFIRM
    http://www.securityfocus.com/bid/26280 vdb-entryx_refsource_BID
    http://support.installshield.com/kb/view.asp?arti… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-10-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.712Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
              },
              {
                "name": "27475",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27475"
              },
              {
                "name": "20071031 Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618"
              },
              {
                "name": "38347",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/38347"
              },
              {
                "name": "ADV-2007-3670",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3670"
              },
              {
                "name": "1018881",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018881"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.macrovision.com/promolanding/7660.htm"
              },
              {
                "name": "26280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26280"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113602"
              },
              {
                "name": "macrovision-isusweb-code-execution(38210)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38210"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified \"unsafe method,\" possibly involving a buffer overflow."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
            },
            {
              "name": "27475",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27475"
            },
            {
              "name": "20071031 Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618"
            },
            {
              "name": "38347",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/38347"
            },
            {
              "name": "ADV-2007-3670",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3670"
            },
            {
              "name": "1018881",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018881"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.macrovision.com/promolanding/7660.htm"
            },
            {
              "name": "26280",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26280"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113602"
            },
            {
              "name": "macrovision-isusweb-code-execution(38210)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38210"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5660",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified \"unsafe method,\" possibly involving a buffer overflow."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113020",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
                },
                {
                  "name": "27475",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27475"
                },
                {
                  "name": "20071031 Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=618"
                },
                {
                  "name": "38347",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/38347"
                },
                {
                  "name": "ADV-2007-3670",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3670"
                },
                {
                  "name": "1018881",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018881"
                },
                {
                  "name": "http://www.macrovision.com/promolanding/7660.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.macrovision.com/promolanding/7660.htm"
                },
                {
                  "name": "26280",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26280"
                },
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113602",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113602"
                },
                {
                  "name": "macrovision-isusweb-code-execution(38210)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38210"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5660",
        "datePublished": "2007-11-02T16:00:00.000Z",
        "dateReserved": "2007-10-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.712Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2419 (GCVE-0-2007-2419)

    Vulnerability from cvelistv5 – Published: 2007-06-06 10:00 – Updated: 2024-08-07 13:33
    VLAI
    Summary
    Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2007-06-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.724Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
              },
              {
                "name": "macrovision-boisweb-bo(34721)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34721"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09"
              },
              {
                "name": "ADV-2007-2070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2070"
              },
              {
                "name": "36983",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36983"
              },
              {
                "name": "25509",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25509"
              },
              {
                "name": "20070605 TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470585/100/0/threaded"
              },
              {
                "name": "1018195",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018195"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
            },
            {
              "name": "macrovision-boisweb-bo(34721)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34721"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09"
            },
            {
              "name": "ADV-2007-2070",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2070"
            },
            {
              "name": "36983",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36983"
            },
            {
              "name": "25509",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25509"
            },
            {
              "name": "20070605 TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470585/100/0/threaded"
            },
            {
              "name": "1018195",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018195"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-2419",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113020",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
                },
                {
                  "name": "macrovision-boisweb-bo(34721)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34721"
                },
                {
                  "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09",
                  "refsource": "MISC",
                  "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-09"
                },
                {
                  "name": "ADV-2007-2070",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2070"
                },
                {
                  "name": "36983",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36983"
                },
                {
                  "name": "25509",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25509"
                },
                {
                  "name": "20070605 TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470585/100/0/threaded"
                },
                {
                  "name": "1018195",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018195"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-2419",
        "datePublished": "2007-06-06T10:00:00.000Z",
        "dateReserved": "2007-05-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.724Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-0328 (GCVE-0-2007-0328)

    Vulnerability from cvelistv5 – Published: 2007-06-01 00:00 – Updated: 2024-08-07 12:12
    VLAI
    Summary
    The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/36896 vdb-entryx_refsource_OSVDB
    http://support.installshield.com/kb/view.asp?arti… x_refsource_CONFIRM
    http://secunia.com/advisories/32842 third-party-advisoryx_refsource_SECUNIA
    http://www.blackberry.com/btsc/articles/749/KB164… x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2017 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25501 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2008/3278 vdb-entryx_refsource_VUPEN
    http://www.kb.cert.org/vuls/id/524681 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:12:18.093Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36896",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/36896"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
              },
              {
                "name": "32842",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32842"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html"
              },
              {
                "name": "ADV-2007-2017",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2017"
              },
              {
                "name": "25501",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25501"
              },
              {
                "name": "ADV-2008-3278",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/3278"
              },
              {
                "name": "VU#524681",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/524681"
              },
              {
                "name": "macrovision-dwupdate-command-execution(34660)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34660"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "36896",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/36896"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
            },
            {
              "name": "32842",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32842"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html"
            },
            {
              "name": "ADV-2007-2017",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2017"
            },
            {
              "name": "25501",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25501"
            },
            {
              "name": "ADV-2008-3278",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/3278"
            },
            {
              "name": "VU#524681",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/524681"
            },
            {
              "name": "macrovision-dwupdate-command-execution(34660)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34660"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2007-0328",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36896",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/36896"
                },
                {
                  "name": "http://support.installshield.com/kb/view.asp?articleid=Q113020",
                  "refsource": "CONFIRM",
                  "url": "http://support.installshield.com/kb/view.asp?articleid=Q113020"
                },
                {
                  "name": "32842",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32842"
                },
                {
                  "name": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html"
                },
                {
                  "name": "ADV-2007-2017",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2017"
                },
                {
                  "name": "25501",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25501"
                },
                {
                  "name": "ADV-2008-3278",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2008/3278"
                },
                {
                  "name": "VU#524681",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/524681"
                },
                {
                  "name": "macrovision-dwupdate-command-execution(34660)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34660"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2007-0328",
        "datePublished": "2007-06-01T00:00:00.000Z",
        "dateReserved": "2007-01-17T00:00:00.000Z",
        "dateUpdated": "2024-08-07T12:12:18.093Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }