Macrovision InstallAnywhere Password Serial Number Authentication Bypass Vulnerability
BID:22643
Info
Macrovision InstallAnywhere Password Serial Number Authentication Bypass Vulnerability
| Bugtraq ID: | 22643 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-1009 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 17 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | Brian Reilly of Symantec is credited with the discovery of this vulnerability. |
| Vulnerable: |
Macrovision InstallAnywhere Enterprise 8.0 Macrovision InstallAnywhere Enterprise 0 |
| Not Vulnerable: |
Macrovision InstallAnywhere Enterprise 8.0.1 |
Discussion
Macrovision InstallAnywhere Password Serial Number Authentication Bypass Vulnerability
Macrovision InstallAnywhere is prone to an authentication-bypass vulnerability.
A successful exploit would allow an attacker to bypass the serial and password controls and to install arbitrary programs.
Macrovision InstallAnywhere is prone to an authentication-bypass vulnerability.
A successful exploit would allow an attacker to bypass the serial and password controls and to install arbitrary programs.
Exploit / POC
Macrovision InstallAnywhere Password Serial Number Authentication Bypass Vulnerability
An attacker can use standard command-line tools to exploit this issue.
An attacker can use standard command-line tools to exploit this issue.
Solution / Fix
Macrovision InstallAnywhere Password Serial Number Authentication Bypass Vulnerability
Solution:
The vendor released version 8.0.1 to address this issue. Please contact the vendor for information on how to obtain and apply this update.
Solution:
The vendor released version 8.0.1 to address this issue. Please contact the vendor for information on how to obtain and apply this update.
References
Macrovision InstallAnywhere Password Serial Number Authentication Bypass Vulnerability
References:
References: