Detections
Analytics
FLEXnet Connect Update Service Agent ActiveX (isusweb.dll) Overflow
critical Nessus Plugin ID 24712
Synopsis
The remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.Description
Macrovision FLEXnet Connect, formerly known as InstallShield Update Service, is installed on the remote host. It is a software management solution for internally-developed and third-party applications, and may have been installed as part of the FLEXnet Connect SDK, other InstallShield software, or by running FLEXnet Connect-enabled Windows software.The version of FLEXnet Connect on the remote host includes an ActiveX control -- Update Service Agent -- that is reportedly affected by a buffer overflow vulnerability involving its 'Download()' method. If an attacker can trick a user on the affected host into visiting a specially crafted web page, this issue could be leveraged to execute arbitrary code on the host subject to the user's privileges.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Either upgrade to a version of the FLEXnet Connect SDK with installer version 12.0.0.49974 or later; or, disable the control as described in the US-CERT advisory referenced above.Plugin Details
Severity: Critical
ID: 24712
File Name: flexnet_connect_usa_activex_overflow.nasl
Version: 1.23
Type: local
Agent: windows
Family: Windows
Published: 2/26/2007
Updated: 9/30/2020
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.3
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2007-0321
CVSS v3
Risk Factor: Critical
Base Score: 9.6
Temporal Score: 8.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:macrovision:flexnet_connect
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 2/23/2007
Reference Information
CVE: CVE-2007-0321
BID: 22673
CERT: 847993