Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
20 vulnerabilities found for instant_support by hp
CVE-2007-5605 (GCVE-0-2007-5605)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5605",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5607 (GCVE-0-2007-5607)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5607",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5608 (GCVE-0-2007-5608)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5608",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5610 (GCVE-0-2007-5610)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#857539",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5610",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0952 (GCVE-0-2008-0952)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0952",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2008-02-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:01:40.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5606 (GCVE-0-2007-5606)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5606",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0953 (GCVE-0-2008-0953)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0953",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2008-02-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:01:40.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5604 (GCVE-0-2007-5604)
Vulnerability from nvd – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5604",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3554 (GCVE-0-2007-3554)
Vulnerability from nvd – Published: 2007-07-04 15:00 – Updated: 2024-08-07 14:21
VLAI?
Summary
Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2007-06-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2413",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"name": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last",
"refsource": "MISC",
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"refsource": "OSVDB",
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24730"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3554",
"datePublished": "2007-07-04T15:00:00.000Z",
"dateReserved": "2007-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:21:36.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0993 (GCVE-0-2002-0993)
Vulnerability from nvd – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2002-07-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-isee-unauth-access(9620)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0993",
"datePublished": "2002-08-31T04:00:00.000Z",
"dateReserved": "2002-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:17.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5605 (GCVE-0-2007-5605)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-getfiletime-bo(42845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42845"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29531"
},
{
"name": "VU#558163",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/558163"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5605",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5607 (GCVE-0-2007-5607)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-instantsupport-registrystring-bo(42848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42848"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29534"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#526131",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/526131"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5607",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5608 (GCVE-0-2007-5608)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-downloadfile-file-download(42850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42850"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#949587",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/949587"
},
{
"name": "29530",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29530"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5608",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5610 (GCVE-0-2007-5610)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#857539",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5610",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#857539",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/857539"
},
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "hp-instantsupport-deletesingle-file-deletion(42852)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42852"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "29536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29536"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5610",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0952 (GCVE-0-2008-0952)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "VU#190939",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/190939"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-append-file-overwrite(42834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42834"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0952",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2008-02-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:01:40.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5606 (GCVE-0-2007-5606)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "VU#221123",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221123"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "hp-instantsupport-movefile-bo(42846)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42846"
},
{
"name": "29532",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29532"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5606",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0953 (GCVE-0-2008-0953)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 08:01
VLAI?
Summary
The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "29533",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29533"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "VU#998779",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/998779"
},
{
"name": "hp-instantsupport-startapp-code-execution(42851)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42851"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0953",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2008-02-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:01:40.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5604 (GCVE-0-2007-5604)
Vulnerability from cvelistv5 – Published: 2008-06-04 20:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2008-06-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "30516",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-5604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30516",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30516"
},
{
"name": "HPSBMA02326",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
},
{
"name": "hp-instantsupport-extractcab-bo(42844)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42844"
},
{
"name": "VU#754403",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/754403"
},
{
"name": "29526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29526"
},
{
"name": "ADV-2008-1740",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1740/references"
},
{
"name": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf",
"refsource": "MISC",
"url": "http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf"
},
{
"name": "1020165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020165"
},
{
"name": "SSRT071490",
"refsource": "HP",
"url": "http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-5604",
"datePublished": "2008-06-04T20:00:00.000Z",
"dateReserved": "2007-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3554 (GCVE-0-2007-3554)
Vulnerability from cvelistv5 – Published: 2007-07-04 15:00 – Updated: 2024-08-07 14:21
VLAI?
Summary
Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Date Public ?
2007-06-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2413",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24730"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2413",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2413"
},
{
"name": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last",
"refsource": "MISC",
"url": "http://www.shinnai.altervista.org/index.php?mod=02_Forum\u0026group=Exploits\u0026argument=Remote\u0026topic=1183360239.ff.php\u0026page=last"
},
{
"name": "hp-instantsupport-drivercheck-bo(35228)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35228"
},
{
"name": "SSRT071404",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "37832",
"refsource": "OSVDB",
"url": "http://osvdb.org/37832"
},
{
"name": "20070703 Buffer overflow in HP Instant Support Driver Check (SDD) ActiveX control",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472728/100/0/threaded"
},
{
"name": "1018331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018331"
},
{
"name": "HPSBPI02228",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597"
},
{
"name": "25918",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25918"
},
{
"name": "24730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24730"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3554",
"datePublished": "2007-07-04T15:00:00.000Z",
"dateReserved": "2007-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:21:36.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0993 (GCVE-0-2002-0993)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Date Public ?
2002-07-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "hp-isee-unauth-access(9620)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-isee-unauth-access(9620)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9620.php"
},
{
"name": "5267",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5267"
},
{
"name": "HPSBUX0207-201",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2002-q3/0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0993",
"datePublished": "2002-08-31T04:00:00.000Z",
"dateReserved": "2002-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:17.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}