Lucene search

[email protected]CVE-2007-5607

HistoryJun 04, 2008 - 8:32 p.m.

CVE-2007-5607

2008-06-0420:32:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2007-5607

buffer overflow

registrystring function

hpisdatamanager.dll

hp instant support

activex control

remote code execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.186 Low

EPSS

Percentile

96.3%

JSON

Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606.

Affected configurations

NVD

Node

hpinstant_supportRange≤1.0.0.23

hpinstant_supportMatch1.0.0.22

CPENameOperatorVersion
hp:instant_supporthp instant supportle1.0.0.23
hp:instant_supporthp instant supporteq1.0.0.22

CPE	Name	Operator	Version
hp:instant_support	hp instant support	le	1.0.0.23
hp:instant_support	hp instant support	eq	1.0.0.22

References

secunia.com/advisories/30516

www.csis.dk/dk/forside/CSIS-RI-0003.pdf

www.kb.cert.org/vuls/id/526131

www.securityfocus.com/bid/29526

www.securityfocus.com/bid/29534

www.securitytracker.com/id?1020165

www.vupen.com/english/advisories/2008/1740/references

www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264

exchange.xforce.ibmcloud.com/vulnerabilities/42848

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.186 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2007-5607

prion4 cvelist4 nvd4 cve3 nessus2 cert8 securityvulns2 seebug1