Detections
Analytics
Flexera InstallShield Untrusted Search Path Vulnerability
high Nessus Plugin ID 89692
Language:
Synopsis
An application installed on the remote Windows host is affected by an untrusted search path vulnerability.Description
The Flexera InstallShield application installed on the remote host is missing a vendor-supplied hotfix. It is, therefore, affected by an untrusted search path vulnerability due to looking for specific files or libraries in the current working directory, which may not be trusted or under user control. A remote attacker can exploit this, using a specially crafted DLL, by convincing a user to open a file (e.g., located on a remote WebDAV share), resulting in the injection and execution of arbitrary code.Solution
Apply the vendor-supplied Hotfix IOJ-1745445. Note that this may require an upgrade to InstallShield 2015 SP1. Furthermore, the vendor recommends that InstallShield customers follow Windows best practices when using custom actions since the hotfix is not applicable to custom actions.See Also
http://www.nessus.org/u?1d6580b3
http://www.nessus.org/u?1f913224
http://www.nessus.org/u?e3269c83
Plugin Details
Severity: High
ID: 89692
File Name: flexera_installshield_cve-2016-2542.nasl
Version: 1.11
Type: local
Family: CGI abuses
Published: 3/6/2016
Updated: 4/19/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2016-2542
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:flexerasoftware:installshield
Required KB Items: installed_sw/Flexera InstallShield
Exploit Ease: No known exploits are available
Patch Publication Date: 1/25/2016
Vulnerability Publication Date: 1/21/2016
Reference Information
CVE: CVE-2016-2542
BID: 83334
IAVB: 2016-B-0040-S