iDefense Security Advisory 03.31.08 - Remote exploitation of an untrusted library loading vulnerability in Macrovision's InstallShield InstallScript One-Click Install ActiveX control allows remote attackers to execute code with the privileges of the currently logged in user. iDefense confirmed this vulnerability exists in version 12.0 of the Macrovision InstallShield InstallScript One-Click Install ActiveX Control. Previous versions of the control are reported to be vulnerable to variations of this attack. Previous versions are known to use different CLSIDs.
43de1fe2a2db8c9142cfcc62930c4a7e8244c9a74ebd86de23f0101133587ac1