This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote Windows host has an ActiveX control that allows execution
of arbitrary code.
Macrovision FLEXnet Connect, formerly known as InstallShield Update
Service, is installed on the remote host. It is a software management
solution for internally-developed and third-party applications, and
may have been installed as part of the FLEXnet Connect SDK, other
InstallShield software, or by running FLEXnet Connect-enabled Windows
The version of the FLEXnet Connect client on the remote host includes
an ActiveX control -- the InstallShield Update Service Agent -- that
is marked as 'safe for scripting' and contains several methods that
allow for downloading and launching arbitrary programs. If a remote
attacker can trick a user on the affected host into visiting a
specially crafted web page, this issue could be leveraged to execute
arbitrary code on the host subject to the user's privileges.
Additionally, it is reportedly affected by a buffer overflow that can be
triggered by passing a long argument for 'ProductCode' to the
See also :
Upgrade to version 126.96.36.199101 or later of the FLEXnet Connect
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true