EDB-4757
doswindowsVERIFIED
HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities
CVE-2007-6506
porkythepig12/19/2007
CVE-2007-6506
NONEThe HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbit
게시됨: 12/20/2007업데이트됨: 4/9/2025
설명
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
AI 분석AI 기반
영향받는 제품
hpsoftware_update
hpsoftware_update
3.0.8.4
사용 가능한 익스플로잇 (1)
참조
- http://blogs.zdnet.com/security/?p=768
- http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818
- http://it.slashdot.org/it/07/12/20/2327242.shtml
- http://secunia.com/advisories/28177Vendor Advisory
- http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txt
- http://www.securityfocus.com/archive/1/485451/100/0/threaded
- http://www.securityfocus.com/archive/1/485734/100/0/threaded
- http://www.securityfocus.com/bid/26950Exploit
- http://www.securitytracker.com/id?1019133
- http://www.vupen.com/english/advisories/2007/4271Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39153
- https://www.exploit-db.com/exploits/4757
- http://blogs.zdnet.com/security/?p=768
- http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818
- http://it.slashdot.org/it/07/12/20/2327242.shtml
- http://secunia.com/advisories/28177Vendor Advisory
- http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txt
- http://www.securityfocus.com/archive/1/485451/100/0/threaded
- http://www.securityfocus.com/archive/1/485734/100/0/threaded
- http://www.securityfocus.com/bid/26950Exploit