Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download Vulnerabilities

info
discussion
exploit
solution
references

Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download Vulnerabilities

An attacker can exploit these issues by enticing an unsuspecting victim to view a malicious web page.

NOTE: The Symantec DeepSight Team has discovered that the issue affecting 'isusweb.dll' is being actively exploited in the wild.

The following exploit code is available:

/data/vulnerabilities/exploits/27279.html
/data/vulnerabilities/exploits/27279-2.html