Flexera InstallShield and AdminStudio 'ISProxy.dll' Activex Remote Code Execution Vulnerability
BID:58422
Info
Flexera InstallShield and AdminStudio 'ISProxy.dll' Activex Remote Code Execution Vulnerability
| Bugtraq ID: | 58422 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 05 2013 12:00AM |
| Updated: | Mar 05 2013 12:00AM |
| Credit: | TippingPoint |
| Vulnerable: |
Flexerasoftware InstallShield 2012 0 Flexerasoftware InstallShield 2011 0 Flexerasoftware InstallShield 2010 0 Flexerasoftware InstallShield 2009 0 Flexerasoftware AdminStudio 9.5 Flexerasoftware AdminStudio 9.0 Flexerasoftware AdminStudio 11.0 Flexerasoftware AdminStudio 10.0 |
| Not Vulnerable: | |
Discussion
Flexera InstallShield and AdminStudio 'ISProxy.dll' Activex Remote Code Execution Vulnerability
Flexera InstallShield and AdminStudio are prone to a remote code-execution vulnerability.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application (typically Internet Explorer) using the ActiveX control. Failed exploit attempts likely result in denial-of-service conditions.
Flexera InstallShield and AdminStudio are prone to a remote code-execution vulnerability.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application (typically Internet Explorer) using the ActiveX control. Failed exploit attempts likely result in denial-of-service conditions.
Exploit / POC
Flexera InstallShield and AdminStudio 'ISProxy.dll' Activex Remote Code Execution Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Flexera InstallShield and AdminStudio 'ISProxy.dll' Activex Remote Code Execution Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Flexera InstallShield and AdminStudio 'ISProxy.dll' Activex Remote Code Execution Vulnerability
References:
References:
- AdminStudio Homepage (Flexera Software)
- InstallShield Homepage (Flexera Software)
- Novell Homepage (Novell)
- AdminStudio ISProxy Remote Code Execution Vulnerability (Novell)
- Q211530: Security Hotfix for InstallShield and AdminStudio (Flexera Software)