Lucene search
K

4 matches found

seebug.org
seebug.org
added 2008/06/06 12:0 a.m.27 views

HP Instant Support HPISDataManager.dll ActiveX控件ExtractCab函数缓冲区溢出漏洞

BUGTRAQ ID: 29529 CVECAN ID: CVE-2007-5604 HP Instant Support是是基于网络的故障诊断和排除工具套件,适用于桌面计算和打印产品。 HP Instant Support所安装的HPISDataManager.dll ActiveX控件没有正确地过滤对ExtractCab函数的输入参数。如果用户受骗访问了恶意网页并向该函数传送了超长参数的话,就可能触发缓冲区溢出,导致执行任意指令。 HP Instant Support 1.0.0.22 临时解决方法:...

7.5CVSS6.6AI score0.11668EPSS
Exploits1
CERT
CERT
added 2008/06/06 12:0 a.m.44 views

HP Online Support Services ActiveX ExtractCab() buffer overflow

Overview HP Online Support Services contains the function ExtractCab, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system in the context of the local user. Description HP Services provides online...

6.9AI score
Exploits0References2
Prion
Prion
added 2008/06/04 8:32 p.m.17 views

Buffer overflow

Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and...

9.3CVSS7.8AI score0.12809EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2008/06/04 8:0 p.m.54 views

CVE-2007-5604

HP Instant Support HPISDataManager.dll ActiveX control contains ExtractCab() with a buffer overflow that allows a remote attacker to execute arbitrary code in the context of the local user. HP recommends upgrading to HP Instant Support - v1.0.0.24 or later (or applying the kill-bit remediation fo...

7.5CVSS7.5AI score0.11668EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder