Search criteria
20 vulnerabilities found for instant_support by hp
CVE-2008-0953 (GCVE-0-2008-0953)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0953",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5608 (GCVE-0-2007-5608)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5608",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5607 (GCVE-0-2007-5607)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5607",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0952 (GCVE-0-2008-0952)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0952",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5606 (GCVE-0-2007-5606)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5606",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5604 (GCVE-0-2007-5604)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5604",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5605 (GCVE-0-2007-5605)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5605",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5610 (GCVE-0-2007-5610)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#857539",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5610",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3554 (GCVE-0-2007-3554)
Vulnerability from nvd – Published: 2007-07-04 15:00 – Updated: 2024-08-07 14:21
VLAI?
Summary
Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2413",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"name": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last",
"refsource": "MISC",
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"refsource": "OSVDB",
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24730"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3554",
"datePublished": "2007-07-04T15:00:00",
"dateReserved": "2007-07-04T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0993 (GCVE-0-2002-0993)
Vulnerability from nvd – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-isee-unauth-access(9620)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0993",
"datePublished": "2002-08-31T04:00:00",
"dateReserved": "2002-08-27T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0953 (GCVE-0-2008-0953)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0953",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5608 (GCVE-0-2007-5608)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5608",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5607 (GCVE-0-2007-5607)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5607",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0952 (GCVE-0-2008-0952)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0952",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5606 (GCVE-0-2007-5606)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5606",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5604 (GCVE-0-2007-5604)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5604",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5605 (GCVE-0-2007-5605)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5605",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5610 (GCVE-0-2007-5610)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#857539",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5610",
"datePublished": "2008-06-04T20:00:00",
"dateReserved": "2007-10-21T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3554 (GCVE-0-2007-3554)
Vulnerability from cvelistv5 – Published: 2007-07-04 15:00 – Updated: 2024-08-07 14:21
VLAI?
Summary
Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2413",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"name": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last",
"refsource": "MISC",
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"refsource": "OSVDB",
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24730"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3554",
"datePublished": "2007-07-04T15:00:00",
"dateReserved": "2007-07-04T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0993 (GCVE-0-2002-0993)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-isee-unauth-access(9620)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0993",
"datePublished": "2002-08-31T04:00:00",
"dateReserved": "2002-08-27T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}