CVE-2007-0328 Information

Description

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method and obtain the exit status using (2) the GetExitCode method.

Reference

http://osvdb.org/36896 http://secunia.com/advisories/25501 http://secunia.com/advisories/32842 http://support.installshield.com/kb/view.asp?articleid=Q113020 http://www.blackberry.com/btsc/articles/749/KB16469_f.SAL_Public.html http://www.kb.cert.org/vuls/id/524681 http://www.vupen.com/english/advisories/2007/2017 http://www.vupen.com/english/advisories/2008/3278 https://exchange.xforce.ibmcloud.com/vulnerabilities/34660