PT-2012-1260 · Flexera Macrovision · Installshield
Publicado
2012-01-19
·
Atualizado
2012-01-20
·
CVE-2007-6744
CVSS v2.0
2.1
Baixa
| Vetor | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Flexera Macrovision InstallShield versions prior to 2008
Description
The issue involves an incorrect interaction between InstallShield and Signcode.exe, potentially allowing local users to obtain sensitive information. This occurs during certain digital-signature operations involving .spc and .pvk files, where a digital-signature password is sent to an unintended application.
Recommendations
For Flexera Macrovision InstallShield versions prior to 2008, update to version 2008 or later to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Installshield