73 matches found
EUVD-2002-0982
Malware in sbrugna...
EUVD-2007-5583
Malware in sbrugna...
HP Instant Support ActiveX Control Driver Check Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24730/info HP Instant Support ActiveX control is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized memory buffer...
HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Delete Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29536/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to a vulnerability that lets attackers delete arbitrary files on the affected computer in the context of the application using the ActiveX...
HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'StartApp' ActiveX Control Insecure Method Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29533/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to an insecure-method vulnerability. Successfully exploiting this issue allows remote attackers to launch arbitrary applications with the...
HP Instant Support 1.0.22 - 'HPISDataManager.dll' ActiveX Control Arbitrary File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29535/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to a vulnerability that lets attackers create and overwrite files with arbitrary, attacker-controlled content. Successful exploits may compromis...
HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'ExtractCab' ActiveX Control Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29529/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. An attacker can exploit...
HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'RegistryString' Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29534/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. An attacker can exploit...
Aurigma Multiple ActiveX Kill Bits
Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The flaw is located in multiple ActiveX Controls of Aurigma Image Uploader and of HP Instant Support HPISDataManager.dll. ActiveX controls...
HP Instant Support HPISDataManager.dll ActiveX控件ExtractCab函数缓冲区溢出漏洞
BUGTRAQ ID: 29529 CVECAN ID: CVE-2007-5604 HP Instant Support是是基于网络的故障诊断和排除工具套件,适用于桌面计算和打印产品。 HP Instant Support所安装的HPISDataManager.dll ActiveX控件没有正确地过滤对ExtractCab函数的输入参数。如果用户受骗访问了恶意网页并向该函数传送了超长参数的话,就可能触发缓冲区溢出,导致执行任意指令。 HP Instant Support 1.0.0.22 临时解决方法:...
HP Instant Support HPISDataManager.dll ActiveX控件任意文件下载漏洞
BUGTRAQ ID: 29530 CVECAN ID: CVE-2007-5608 HP Instant Support是是基于网络的故障诊断和排除工具套件,适用于桌面计算和打印产品。 HP Instant Support所安装的HPISDataManager.dll ActiveX控件没有正确地过滤对DownloadFile函数的输入参数。如果用户受骗访问了恶意网页并向该函数传送了超长参数的话,就可能导致向本地系统下载任意文件。 HP Instant Support 1.0.0.22 临时解决方法:...
HP Online Support Services ActiveX ExtractCab() buffer overflow
Overview HP Online Support Services contains the function ExtractCab, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system in the context of the local user. Description HP Services provides online...
HP Online Support Services ActiveX GetFileTime() buffer overflow
Overview HP Online Support Services contains the function GetFileTime, which can be exploited to cause a buffer overflow. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description HP Services provides online product support services including ...
HP Online Support Services ActiveX StartApp() arbitrary code execution
Overview The HP Online Support Services ActiveX control contains a method called StartApp. This may allow a remote, unauthenticated attacker to execute local files on a vulnerable system in the context of the local user. Description HP Services provides online product support services including H...
HP Online Support Services ActiveX AppendStringToFile() arbitrary file writing
Overview The HP Online Support Services ActiveX control contains a method called AppendStringToFile. This may allow a remote, unauthenticated attacker to write to files on a vulnerable system. Description HP Services provides online product support services including HP Instant Support. The...
HP Online Support Services ActiveX DownloadFile() arbitrary file download
Overview The HP Online Support Services ActiveX control contains a method called DownloadFile. This may allow a remote, unauthenticated attacker to download files to the location of the ActiveX control. Description HP Services provides online product support services including HP Instant Support...
HP Online Support Services ActiveX DeleteSingleFile() arbitrary file deletion
Overview The HP Online Support Services ActiveX control contains a method called DeleteSingleFile. This may allow a remote, unauthenticated attacker to remove files from a vulnerable system. Description HP Services provides online product support services including HP Instant Support. The...
HP Instant Support HPISDataManager.dll ActiveX Control < 1.0.0.24 Vulnerabilities
The remote host contains several ActiveX controls in HP Instant Support HPISDataManager.dll, a web-based diagnostic tool from Hewlett-Packard. The version of the controls installed on the remote host reportedly are affected by several issues. If an attacker can trick a user on the affected host...
Hardcoded credentials
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a differe...
Buffer overflow
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and...