HP eSupportDiagnostics 1.0.11 'hpediag.dll' ActiveX Control Multiple Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/26967/info The HP eSupportDiagnostics ActiveX control is prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues by enticing an unsuspecting victim to visit a malicious HTML page...

CVE-2007-6513

HP eSupportDiagnostics ActiveX control hpediag.dll 1.0.11.0 exports dangerous methods, which allows remote attackers to 1 read arbitrary files via the ReadTextFile method, or 2 read arbitrary registry values via the ReadValue method...

hpreg-read.txt

The HP eSupportDiagnostics hpediag.dll exposes some methods that allow the reading of arbitrary files and registry values. hpediag.dll, version 1.0.11.0 PoC as follows: --------------------- function Check var out = fileUtil.ReadTextFilesomePath; var out = regUtil.ReadValuesomePath;...

[Full-disclosure] HP eSupportDiagnostics hpediags.dll Information Disclosure

The HP eSupportDiagnostics hpediag.dll exposes some methods that allow the reading of arbitrary files and registry values. hpediag.dll, version 1.0.11.0 PoC as follows: --------------------- html head script language="JavaScript" DEFER function Check var out = fileUtil.ReadTextFilesomePath; var o...

HP eSupportDiagnostics 1.0.11 - 'hpediag.dll' ActiveX Control Multiple Information Disclosure Vulnerabilities

source: https://www.securityfocus.com/bid/26967/info The HP eSupportDiagnostics ActiveX control is prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues by enticing an unsuspecting victim to visit a malicious HTML page. Successfully exploiting these issues...