Vulnerability Details CVE-2007-6744
Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified vectors, related to an incorrect interaction between InstallShield and Signcode.exe.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.0%
CVSS Severity
CVSS v2 Score 2.1
References
- http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Installation-InstallShield-InstallShield2008Premier-Public-ProductInfo-IS2008PremProReleaseNotes2pdf&sliceId=pdfPage_42
- http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Installation-InstallShield-InstallShield2008Premier-Public-ProductInfo-IS2008PremProReleaseNotes2pdf&sliceId=pdfPage_42
Products affected by CVE-2007-6744
-
cpe:2.3:a:flexerasoftware:installshield:*
-
cpe:2.3:a:flexerasoftware:installshield:10.5
-
cpe:2.3:a:flexerasoftware:installshield:11
-
cpe:2.3:a:flexerasoftware:installshield:11.5