15 matches found
HP Info Center ActiveX Control Multiple Remote Vulnerabilities
The remote host contains the HP Quick Launch Button software, part of the HP Info Center software installed by default on many HP and Compaq laptop models. The version of this software on the remote host includes an ActiveX control that reportedly contains three insecure methods - 'GetRegValue',...
HP Info Center ActiveX code execution
Few unsafe methods are explosed...
[security bulletin] HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button (QLB) Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01300486 Version: 1 HPSBGN02298 SSRT071502 rev.1 - HP Quick Launch Button QLB Running on Windows, Remote Execution of Arbitrary Code, Gain Privileged Access NOTICE: The information in this Securi...
Design/Logic Flaw
The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center hpinfocenter.exe 1.0.1.1 in HP Quick Launch Button QLBCTRL.exe, aka QLB 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the...
CVE-2007-6332
The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center hpinfocenter.exe 1.0.1.1 in HP Quick Launch Button QLBCTRL.exe, aka QLB 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the...
CVE-2007-6333
The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center hpinfocenter.exe 1.0.1.1 in HP Quick Launch Button QLBCTRL.exe, aka QLB 6.3 and earlier, allows remote attackers to read arbitrary registry values via the arguments to the GetRegValue method...
Design/Logic Flaw
The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center hpinfocenter.exe 1.0.1.1 in HP Quick Launch Button QLBCTRL.exe, aka QLB 6.3 and earlier, allows remote attackers to read arbitrary registry values via the arguments to the GetRegValue method...
Path traversal
Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center hpinfocenter.exe 1.0.1.1 in HP Quick Launch Button QLBCTRL.exe, aka QLB 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument...
DSquare Exploit Pack: D2SEC_HPINFO
Name| d2sechpinfo ---|--- CVE| CVE-2007-6331 Exploit Pack| D2ExploitPack Description| HP Info Center HPInfoDLL.DLL ActiveX Arbitrary Code Execution Vulnerability Notes|...
CVE-2007-6331
Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center hpinfocenter.exe 1.0.1.1 in HP Quick Launch Button QLBCTRL.exe, aka QLB 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument...
CVE-2007-6332
The CVE-2007-6332 entry concerns the HPInfoDLL.HPInfo.1 ActiveX control (HPInfoDLL.dll 1.0) shipped with HP Info Center in HP Quick Launch Button 6.3 and earlier on Windows before Vista. The vulnerability, via the SetRegValue method, allows remote attackers to create or modify arbitrary registry ...
CVE-2007-6331
CVE-2007-6331 describes an absolute path traversal in the HPInfoDLL.HPInfo.1 ActiveX control (HPInfoDLL.dll 1.0) shipped with HP Info Center and the HP Quick Launch Button (QLB) software, up to version 6.3. The vulnerability allows remote attackers to execute arbitrary programs by passing a craft...
HP notebooks remote code execution vulnerability (multiple series)
Advisory: ///////// Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access. Overview: ///////// Software called "HP Info...
hpcompaq-exec.txt
!- Advisory: Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access. Overview: ///////// Software called "HP Info Center" is...
HP Compaq Notebooks - ActiveX Remote Code Execution
HP Compaq Notebooks - ActiveX Remote Code Execution !- Advisory: Multiple Hewlett-Packard notebook series are prone to a remote code execution attack. The manufacturer's preinstalled software contains a critical flaw within the software built to support one-touch button quick feature access...