The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
References
Link | Resource |
---|---|
http://osvdb.org/36896 | |
http://secunia.com/advisories/25501 | Vendor Advisory |
http://secunia.com/advisories/32842 | Vendor Advisory |
http://support.installshield.com/kb/view.asp?articleid=Q113020 | Patch |
http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html | |
http://www.kb.cert.org/vuls/id/524681 | Patch US Government Resource |
http://www.vupen.com/english/advisories/2007/2017 | Vendor Advisory |
http://www.vupen.com/english/advisories/2008/3278 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/34660 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2007-06-01T00:00:00
Updated: 2017-07-28T12:57:01
Reserved: 2007-01-17T00:00:00
Link: CVE-2007-0328
JSON object: View
NVD Information
Status : Modified
Published: 2007-06-01T00:30:00.000
Modified: 2017-07-29T01:30:07.733
Link: CVE-2007-0328
JSON object: View
Redhat Information
No data.
CWE