Macrovision InstallAnywhere Enterprise before 8.0.1 uses the InstallScript.iap_xml configuration file without integrity protection to verify authorization for installing an application, which allows local users to perform unauthorized installations by removing the (1) password or (2) serial number verification sections from this file.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-04-19T10:00:00

Updated: 2024-08-07T12:43:21.662Z

Reserved: 2007-02-20T00:00:00

Link: CVE-2007-1009

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-04-19T10:19:00.000

Modified: 2024-11-21T00:27:17.237

Link: CVE-2007-1009

cve-icon Redhat

No data.