Intrusion Prevention

Macrovision.InstallShield.InstallFromTheWeb.ActiveX.Access

Description

Multiple buffer overflows in an ActiveX control (iftw.dll) and Netscape plug-in (npiftw32.dll) for Macrovision InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.

Affected Products

InstallShield
InstallFromTheWeb

Impact

System Compromise.

Recommended Actions

Set the kill-bit for the affected ActiveX control. Delete the npiftw32.dll

CVE References

CVE-2007-0320