EDB-4720
remotewindowsVERIFIED
HP Compaq Notebooks - ActiveX Remote Code Execution
CVE-2007-6333CVE-2007-6332CVE-2007-6331
porkythepig12/11/2007
CVE-2007-6331
NONEAbsolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe,
Publicado: 12/13/2007Atualizado: 4/9/2025
Descrição
Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista.
Análise IADesenvolvido por IA
Produtos Afetados
hpinfo_center
1.0.1.1
hpquick_launch_button
Exploits Disponíveis (1)
Referências
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486
- http://secunia.com/advisories/28055Vendor Advisory
- http://securitytracker.com/id?1019086
- http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt
- http://www.securityfocus.com/archive/1/484880/100/100/threaded
- http://www.securityfocus.com/bid/26823Exploit
- http://www.vupen.com/english/advisories/2007/4192
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38991
- https://www.exploit-db.com/exploits/4720
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486
- http://secunia.com/advisories/28055Vendor Advisory
- http://securitytracker.com/id?1019086
- http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt
- http://www.securityfocus.com/archive/1/484880/100/100/threaded
- http://www.securityfocus.com/bid/26823Exploit
- http://www.vupen.com/english/advisories/2007/4192
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38991
- https://www.exploit-db.com/exploits/4720