Macrovision.FLEXnet.Connect.InstallShield.Buffer.Overflow
Description
This vulnerability was identified in Macrovision FLEXnet Connect, which could be exploited by remote attackers to take complete control of an affected system. This issue is due to a buffer overflow error in the InstallShield Update Service ActiveX control (isusweb.dll) when handling an overly long argument passed to the "Download()" method, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.
Affected Products
Macrovision: FLEXnet Connect Any version.
Impact
System compromise.
Recommended Actions
Currently we are not aware of any vendor-supplied fix on this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-11-06 | 13.485 |