FLEXnet Connect Update Service Agent ActiveX (isusweb.dll) Overflow

High Nessus Plugin ID 24712

Synopsis

The remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.

Description

Macrovision FLEXnet Connect, formerly known as InstallShield Update Service, is installed on the remote host. It is a software management solution for internally-developed and third-party applications, and may have been installed as part of the FLEXnet Connect SDK, other InstallShield software, or by running FLEXnet Connect-enabled Windows software.

The version of FLEXnet Connect on the remote host includes an ActiveX control -- Update Service Agent -- that is reportedly affected by a buffer overflow vulnerability involving its 'Download()' method. If an attacker can trick a user on the affected host into visiting a specially crafted web page, this issue could be leveraged to execute arbitrary code on the host subject to the user's privileges.

Solution

Either upgrade to a version of the FLEXnet Connect SDK with installer version 12.0.0.49974 or later; or, disable the control as described in the US-CERT advisory referenced above.

Plugin Details

Severity: High

ID: 24712

File Name: flexnet_connect_usa_activex_overflow.nasl

Version: $Revision: 1.17 $

Type: local

Family: Windows

Published: 2007/02/26

Modified: 2015/01/12

Dependencies: 13855

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:W/RC:ND

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2007/02/23

Reference Information

CVE: CVE-2007-0321

BID: 22673

OSVDB: 33532

CERT: 847993