RCE in Revenera Installshield
CVE-2007-5661
The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library co…
Vulnerability class: RCE (Remote Code Execution)
EPSS: 0.022 (80.7th percentile) — read the EPSS interpretation.
Affected products
- Revenera Installshield — versions 12
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK, Not Applicable)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- cve@mitre.org (Third Party Advisory, vdb-entry, x_refsource_XF)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_IDEFENSE, Not Applicable, third-party-advisory)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, Not Applicable, x_refsource_VUPEN)