Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Macrovision InstallShield InstallScript OCI控件不可信任库代码执行漏洞
Vulnerability Description
MacroVision InstallShield是很多软件厂商都在使用的安装程序解决方案。 InstallShield所安装的InstallScript One-Click Install ActiveX控件加载了不可信任的函数库,可能允许远程攻击者以当前登录用户的权限执行任意命令。 InstallShield InstallScript One-Click Install控件的属性如下: 文件:%WINDIR%\Downloaded Program Files\setup.exe CLSID:53D4
CVSS Information
N/A
Vulnerability Type
N/A