Lucene search

K
cve[email protected]CVE-2007-5608
HistoryJun 04, 2008 - 8:32 p.m.

CVE-2007-5608

2008-06-0420:32:00
web.nvd.nist.gov
21
cve-2007-5608
hpisdatamanagerlib
datamgr
activex control
remote attackers
arbitrary file download

6.4 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.196 Low

EPSS

Percentile

96.3%

The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.

Affected configurations

NVD
Node
hpinstant_supportRange≀1.0.0.23

6.4 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.196 Low

EPSS

Percentile

96.3%