Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCertccCVE-2007-5608
HistoryJun 04, 2008 - 8:32 p.m.

CVE-2007-5608

2008-06-0420:32:00
certcc
web.nvd.nist.gov
26
cve-2007-5608
hpisdatamanagerlib
datamgr
activex control
remote attackers
arbitrary file download

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.196

Percentile

96.3%

JSON

The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.

Affected configurations

Nvd
Node
hpinstant_supportRange≀1.0.0.23
VendorProductVersionCPE
hpinstant_support*cpe:2.3:a:hp:instant_support:*:*:*:*:*:*:*:*

Related

prion 3
cvelist 3
nvd 3
cve 2
seebug 1
securityvulns 2
nessus 1
cert 8
exploitdb 2
prion
prion
Hardcoded credentials
2008-06-04 20:32:00
Design/Logic Flaw
2008-06-04 20:32:00
Design/Logic Flaw
2008-06-04 20:32:00
cvelist
cvelist
CVE-2007-5608
2008-06-04 20:00:00
CVE-2008-0952
2008-06-04 20:00:00
CVE-2008-0953
2008-06-04 20:00:00
nvd
nvd
CVE-2008-0952
2008-06-04 20:32:00
CVE-2007-5608
2008-06-04 20:32:00
CVE-2008-0953
2008-06-04 20:32:00
cve
cve
CVE-2008-0952
2008-06-04 20:32:00
CVE-2008-0953
2008-06-04 20:32:00
seebug
seebug
HP Instant Support HPISDataManager.dll ActiveXζŽ§δ»Άδ»»ζ„ζ–‡δ»ΆδΈ‹θ½½ζΌζ΄ž
2008-06-06 00:00:00
securityvulns
securityvulns
HP ActiveX code execution
2008-06-05 00:00:00
[security bulletin] HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code
2008-06-05 00:00:00
nessus
nessus
HP Instant Support HPISDataManager.dll ActiveX Control < 1.0.0.24 Vulnerabilities
2008-06-05 00:00:00
cert
cert
HP Online Support Services ActiveX ExtractCab() buffer overflow
2008-06-06 00:00:00
HP Online Support Services ActiveX StartApp() arbitrary code execution
2008-06-06 00:00:00
HP Online Support Services ActiveX DeleteSingleFile() arbitrary file deletion
2008-06-06 00:00:00
exploitdb
exploitdb
HP Instant Support 1.0.22 - &#039;HPISDataManager.dll&#039; ActiveX Control Arbitrary File Creation
2008-06-03 00:00:00
HP Instant Support 1.0.22 - &#039;HPISDataManager.dll StartApp&#039; ActiveX Control Insecure Method
2008-06-03 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.196

Percentile

96.3%

JSON
Related for CVE-2007-5608
prion3cvelist3nvd3cve2seebug1securityvulns2nessus1cert8exploitdb2