FLEXnet Connect Update Service Agent ActiveX (isusweb.dll) Overflow
High Nessus Plugin ID 24712
Synopsis
The remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.
Description
Macrovision FLEXnet Connect, formerly known as InstallShield Update Service, is installed on the remote host. It is a software management solution for internally-developed and third-party applications, and may have been installed as part of the FLEXnet Connect SDK, other InstallShield software, or by running FLEXnet Connect-enabled Windows software.
The version of FLEXnet Connect on the remote host includes an ActiveX control -- Update Service Agent -- that is reportedly affected by a buffer overflow vulnerability involving its 'Download()' method. If an attacker can trick a user on the affected host into visiting a specially crafted web page, this issue could be leveraged to execute arbitrary code on the host subject to the user's privileges.
Solution
Either upgrade to a version of the FLEXnet Connect SDK with installer version 126.96.36.199974 or later, or disable the control as described in the US-CERT advisory referenced above.