Lucene search

[email protected]CVE-2007-5610

HistoryJun 04, 2008 - 8:32 p.m.

CVE-2007-5610

2008-06-0420:32:00

[email protected]

web.nvd.nist.gov

cve-2007-5610

hp instant support

activex control

remote attackers

file deletion

6.3 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.125 Low

EPSS

Percentile

95.5%

JSON

The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument.

Affected configurations

NVD

Node

hpinstant_supportRange≤1.0.0.23

CPENameOperatorVersion
hp:instant_supporthp instant supportle1.0.0.23

CPE	Name	Operator	Version
hp:instant_support	hp instant support	le	1.0.0.23

References

secunia.com/advisories/30516

www.csis.dk/dk/forside/CSIS-RI-0003.pdf

www.kb.cert.org/vuls/id/857539

www.securityfocus.com/bid/29526

www.securityfocus.com/bid/29536

www.securitytracker.com/id?1020165

www.vupen.com/english/advisories/2008/1740/references

www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264

exchange.xforce.ibmcloud.com/vulnerabilities/42852

6.3 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.125 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2007-5610

cvelist1 nvd1 prion1 securityvulns2 cert8 nessus1