QwikSec

Security Database

CVE

CWE

Training

CVE-2007-5661

Published: Apr 4, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640

x_refsource_CONFIRM

installshield-oneclick-code-execution(41558)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

20080331 Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability

third-party-advisory

x_refsource_IDEFENSE

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.