Back to search
CVE-2007-0328
Published: Jun 1, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
36896
vdb-entry
x_refsource_OSVDB
http://support.installshield.com/kb/view.asp?articleid=Q113020
x_refsource_CONFIRM
32842
third-party-advisory
x_refsource_SECUNIA
http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html
x_refsource_CONFIRM
ADV-2007-2017
vdb-entry
x_refsource_VUPEN
25501
third-party-advisory
x_refsource_SECUNIA
ADV-2008-3278
vdb-entry
x_refsource_VUPEN
VU#524681
third-party-advisory
x_refsource_CERT-VN
macrovision-dwupdate-command-execution(34660)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now