Lucene search

Kaspersky LabKLA10191

HistoryDec 20, 2007 - 12:00 a.m.

KLA10191 Vulnerability in HP Software Update

2007-12-2000:00:00

Kaspersky Lab

threats.kaspersky.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.945 High

EPSS

Percentile

99.2%

JSON

Detect date:

12/20/2007

Severity:

Critical

Description:

An unspecified vulnerability was found in an HP Software Update. By exploiting this vulnerability malicious users can read and overwrite arbitrary files. This vulnerability can be exploited remotely at a point related to the Rules Engine.

Affected products:

HP Software Update versions 4.000.005.007 and earlier

Solution:

Update to latest version

Impacts:

WLF

Related products:

HP Software Update

CVE-IDS:

CVE-2007-65069.3Critical

Exploitation:

Public exploits exist for this vulnerability.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6506

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/HP-Software-Update/

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.945 High

EPSS

Percentile

99.2%

JSON

Related for KLA10191