6 matches found
HP Software Update Tool HPeDiag ActiveX Control Buffer Overflow (CVE-2008-0712)
HP Software Update tool provides updates for HP software programs and HP devices. A buffer overflow vulnerability has been reported in the HP Software Update Tool. The vulnerability is due to boundary errors in an ActiveX control when creating XML output from INI input files. To trigger this issu...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
HP Software Update HPeDiag ActiveX Control GetXmlFromIni buffer overflow
Added: 05/22/2008 CVE: CVE-2008-0712 BID: 28929 OSVDB: 44662 Background HP Software Update is shipped with various kinds of HP computers to keep HP software up to date. Problem A buffer overflow in the GetXmlFromIni method of the HPeDiag ActiveX control allows command execution when a user loads ...
HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01439758 Version: 1 HPSBGN02333 SSRT080031 rev.1 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code NOTICE: The information in this...
CVE-2008-0712
Unspecified vulnerability in the HP HPeDiag aka eSupportDiagnostics ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513...
CVE-2008-0712
CVE-2008-0712 affects HP Software Update HPeDiag ActiveX control (hpediag.dll) in Windows. A buffer overflow in the GetXmlFromIni method could allow remote code execution when a user loads a crafted INI file via an HTML page, under IE, on HP Software Update v4.000.009.002 or earlier. HP released ...