Short Name |
HTTP:STC:ACTIVEX:ISUSWEB |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Macrovision InstallShield Isusweb.dll ActiveX |
Release Date |
2007/11/12 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Macrovision Installshield Update Service. An attacker could create a malicious Web site containing dangerous ActiveX calls, which if accessed by a victim, can allow the attacker to gain control of the victim's client browser.
InstallShield Update Service is prone to multiple remote code-execution vulnerabilities because it fails to adequately sanitize user-supplied data. Successfully exploiting these issues will allow an attacker to execute arbitrary code with the permissions of the user running the application. These issues affect InstallShield Update Service 5.01.100.47363 and 6.0.100.60146.