The InstallShield Update Service Agent ActiveX control in isusweb.dll allows remote attackers to cause a denial of service (memory corruption and browser crash) and possibly execute arbitrary code via a call to ExecuteRemote with a URL that results in a 404 error response.
References
Link | Resource |
---|---|
http://support.installshield.com/kb/view.asp?articleid=Q113020 | Patch |
http://www.kb.cert.org/vuls/id/630017 | Third Party Advisory US Government Resource |
http://www.securityfocus.com/bid/31235 | Third Party Advisory VDB Entry |
http://www.vupen.com/english/advisories/2008/2625 | Permissions Required Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/45248 | VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2008-09-18T18:00:00
Updated: 2017-08-07T12:57:01
Reserved: 2008-05-28T00:00:00
Link: CVE-2008-2470
JSON object: View
NVD Information
Status : Analyzed
Published: 2008-09-18T18:00:00.360
Modified: 2020-02-04T18:48:52.800
Link: CVE-2008-2470
JSON object: View
Redhat Information
No data.
CWE