CVE-2007-0328
published 2007-06-01CVE-2007-0328: The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to…
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
5.27%
91.5th percentile
The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| macrovision | flexnet_connect | — | — |
| macrovision | update_service | — | — |
| macrovision | update_service | — | — |
| macrovision | update_service | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-85rg-2jgh-frvj: Multiple buffer overflows in an ActiveX control (boisweb
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-2419 [CRITICAL] GHSA-85rg-2jgh-frvj: Multiple buffer overflows in an ActiveX control (boisweb
Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second parameter to the DownloadAndExecute method and (2) third parameter to the AddFileEx method, a different vulnerability than CVE-2007-0328.
GHSA
GHSA-h8w6-hghm-hrfp: The DWUpdateService ActiveX control in the agent (agent
ghsa_unreviewed·2022-05-01
CVE-2007-0328 [HIGH] GHSA-h8w6-hghm-hrfp: The DWUpdateService ActiveX control in the agent (agent
The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
No detection rules found.
No public exploits indexed.
http://osvdb.org/36896http://secunia.com/advisories/25501http://secunia.com/advisories/32842http://support.installshield.com/kb/view.asp?articleid=Q113020http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.htmlhttp://www.kb.cert.org/vuls/id/524681http://www.vupen.com/english/advisories/2007/2017http://www.vupen.com/english/advisories/2008/3278https://exchange.xforce.ibmcloud.com/vulnerabilities/34660http://osvdb.org/36896http://secunia.com/advisories/25501http://secunia.com/advisories/32842http://support.installshield.com/kb/view.asp?articleid=Q113020http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.htmlhttp://www.kb.cert.org/vuls/id/524681http://www.vupen.com/english/advisories/2007/2017http://www.vupen.com/english/advisories/2008/3278https://exchange.xforce.ibmcloud.com/vulnerabilities/34660
2007-06-01
Published