SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


Try our Premium Alert Service
 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service





Category:   Application (Generic)  >   InstallShield Vendors:   Flexera Software
Flexera InstallShield Unquoted Service Path Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1035097
SecurityTracker URL:  http://securitytracker.com/id/1035097
CVE Reference:   CVE-2016-2542   (Links to External Site)
Date:  Feb 24 2016
Impact:   Root access via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Flexera InstallShield. A local user can obtain elevated privileges on the target system.

The application invokes certain DLLs with an unquoted service path. A local user can create a specially crafted DLL file on the target system. When the target InstallShield setup launcher application is loaded by the target user, the application may load the specially crafted DLL instead of the intended DLL and execute arbitrary code. The code will run with the privileges of the target user.

This type of exploit is also known as "binary planting" or "DLL preloading".

Impact:   A local user can obtain elevated privileges on the target system.
Solution:   The vendor has issued a fix (2015 SP1 Hotfix IOJ-1745445). Some addition instructions are provided in the vendor's advisory.

The vendor's advisory is available at:

https://flexeracommunity.force.com/customer/articles/INFO/Best-Practices-to-Avoid-Windows-Setup-Launcher-Executable-Issues

Vendor URL:  flexeracommunity.force.com/customer/articles/INFO/Best-Practices-to-Avoid-Windows-Setup-Launcher-Executable-Issues (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
May 10 2016 (IBM Issues Fix for IBM Tivoli Storage Manager for Databases) Flexera InstallShield Unquoted Service Path Lets Local Users Gain Elevated Privileges
IBM has issued a fix for IBM Tivoli Storage Manager for Databases.
May 11 2016 (IBM Issues Fix for IBM Tivoli Storage Manager HSM for Windows) Flexera InstallShield Unquoted Service Path Lets Local Users Gain Elevated Privileges
IBM has issued a fix for IBM Tivoli Storage Manager HSM for Windows.
May 11 2016 (IBM Issues Fix for IBM Forms Viewer) Flexera InstallShield Unquoted Service Path Lets Local Users Gain Elevated Privileges
IBM has issued a fix for IBM Forms Viewer.
Jun 23 2016 (IBM Issues Fix for IBM Tivoli Storage Manager) Flexera InstallShield Unquoted Service Path Lets Local Users Gain Elevated Privileges
IBM has issued a fix for IBM Tivoli Storage Manager Server.
Jun 24 2016 (IBM Issues Fix for IBM Tivoli Storage Manager FastBack) Flexera InstallShield Unquoted Service Path Lets Local Users Gain Elevated Privileges
IBM has issued a fix for IBM Tivoli Storage Manager FastBack.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2018, SecurityGlobal.net LLC