EDB-4757
doswindowsVERIFIED
HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities
CVE-2007-6506
porkythepig12/19/2007
CVE-2007-6506
NONEThe HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbit
Publicado: 12/20/2007Atualizado: 4/9/2025
Descrição
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
Análise IADesenvolvido por IA
Produtos Afetados
hpsoftware_update
hpsoftware_update
3.0.8.4
Exploits Disponíveis (1)
Referências
- http://blogs.zdnet.com/security/?p=768
- http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818
- http://it.slashdot.org/it/07/12/20/2327242.shtml
- http://secunia.com/advisories/28177Vendor Advisory
- http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txt
- http://www.securityfocus.com/archive/1/485451/100/0/threaded
- http://www.securityfocus.com/archive/1/485734/100/0/threaded
- http://www.securityfocus.com/bid/26950Exploit
- http://www.securitytracker.com/id?1019133
- http://www.vupen.com/english/advisories/2007/4271Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39153
- https://www.exploit-db.com/exploits/4757
- http://blogs.zdnet.com/security/?p=768
- http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818
- http://it.slashdot.org/it/07/12/20/2327242.shtml
- http://secunia.com/advisories/28177Vendor Advisory
- http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txt
- http://www.securityfocus.com/archive/1/485451/100/0/threaded
- http://www.securityfocus.com/archive/1/485734/100/0/threaded
- http://www.securityfocus.com/bid/26950Exploit