PT-2012-1260 · Flexera Macrovision · Installshield
Published
2012-01-19
·
Updated
2012-01-20
·
CVE-2007-6744
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Flexera Macrovision InstallShield versions prior to 2008
Description
The issue involves an incorrect interaction between InstallShield and Signcode.exe, potentially allowing local users to obtain sensitive information. This occurs during certain digital-signature operations involving .spc and .pvk files, where a digital-signature password is sent to an unintended application.
Recommendations
For Flexera Macrovision InstallShield versions prior to 2008, update to version 2008 or later to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Installshield