Update Protection against Macrovision InstallShield Update Service ActiveX Control Code Execution Vulnerability
| Check Point Reference: | CPAI-2008-010 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA27475 | |
| Industry Reference(s): | CVE-2007-5660 | |
| Protection Provided by: |
VPN-1
|
|
| Who is Vulnerable? Macrovision InstallShield 2008 Macrovision FLEXnet Connect 6.0 prior to 6.0.100.65101 Macrovision Update Service all versions from 2.x to 5.x to 5.1.100 47363 | ||
| Vulnerability Description A code execution vulnerability was reported in Macrovision InstallShield Update Service. Macrovision InstallShield is a software tool for creating installers or software packages. By convincing a user to visit a specially crafted web page, a remote attacker may trigger this vulnerability to execute arbitrary code on an affected system. |
||
|
Update/Patch Available Apply updates: Macrovision |
|
|
Vulnerability Details This vulnerability is due to errors in the Macrovision InstallShield Update Service ActiveX Control when handling webpage scripts. To trigger this issue, an attacker may create a malicious web page that will exploit this flaw. Successful exploitation may allow execution of arbitrary code on the vulnerable system. |
Protection Overview
By enabling this protection, SmartDefense will detect and block the vulnerable ActiveX Control. Depending on the traffic mix, activating this protection may result in performance degradation.
In order for the protection to be activated, update your VPN-1/InterSpect product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.