Lucene search
K
HpInstant Support

10 matches found

CVE
CVE
added 2008/06/04 8:0 p.m.56 views

CVE-2007-5605

CVE-2007-5605 is a buffer overflow in HPISDataManager.dll's GetFileTime() function within the HP Instant Support ActiveX control. A remote attacker could cause arbitrary code execution by passing a long argument to the function. Affected product: HP Instant Support / HPISDataManager.dll ActiveX c...

9.3CVSS7.5AI score0.08922EPSS
CVE
CVE
added 2008/06/04 8:0 p.m.56 views

CVE-2007-5606

HP Instant Support’s HPISDataManager.dll ActiveX control contains MoveFile() in the HPISDataManager, a buffer overflow that can be exploited by a remote attacker to execute arbitrary code. Public details indicate exploitation requires convincing a user to visit a malicious page to trigger the vul...

10CVSS7.5AI score0.12809EPSS
CVE
CVE
added 2008/06/04 8:0 p.m.55 views

CVE-2007-5604

HP Instant Support HPISDataManager.dll ActiveX control contains ExtractCab() with a buffer overflow that allows a remote attacker to execute arbitrary code in the context of the local user. HP recommends upgrading to HP Instant Support - v1.0.0.24 or later (or applying the kill-bit remediation fo...

7.5CVSS7.5AI score0.11668EPSS
CVE
CVE
added 2008/06/04 8:0 p.m.50 views

CVE-2007-5608

HP Instant Support HPISDataManager.dll ActiveX control contains the DownloadFile() function vulnerability (CVE-2007-5608). An unauthenticated remote attacker could force the ActiveX to download arbitrary files to a location on the victim’s system via a crafted URL and destination filename. Affect...

9.3CVSS6.4AI score0.0359EPSS
CVE
CVE
added 2008/06/04 8:0 p.m.47 views

CVE-2008-0952

CVE-2008-0952 concerns the HP Instant Support HPISDataManager.dll ActiveX control. The vulnerability resides in the insecure function AppendStringToFile() , which can allow a remote, unauthenticated attacker to create files with arbitrary content by passing a full pathname as the first argument a...

9.3CVSS6.4AI score0.05529EPSS
CVE
CVE
added 2008/06/04 8:0 p.m.45 views

CVE-2008-0953

The HP Instant Support HPISDataManager.dll ActiveX control (HPISDataManager, used by HP Online Support Services) contains multiple insecure methods (StartApp, DownloadFile, MoveFile, GetFileTime, ExtractCab, AppendStringToFile, RegistryString) that can be exploited by remote, unauthenticated atta...

10CVSS7AI score0.08819EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.44 views

CVE-2002-0993

HP Instant Support Enterprise Edition (ISEE) U2512A on HP-UX 11.00/11.11 has an unknown vulnerability allowing authenticated users to access restricted files. The available records identify the affected software and the access impact but do not provide technical details on root cause, vulnerable ...

4.6CVSS6.8AI score0.00512EPSS
CVE
CVE
added 2007/07/04 3:0 p.m.43 views

CVE-2007-3554

The CVE-2007-3554 entry describes a stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control (sdd.dll) used by HP Instant Support – Driver Check. A long argument to the queryHub function can allow remote code execution on affected hosts. The vulnerability affects the ActiveX control ...

7.6CVSS8.1AI score0.1787EPSS
CVE
CVE
added 2008/06/04 8:0 p.m.42 views

CVE-2007-5610

HP Instant Support HPISDataManager.dll ActiveX control (before v1.0.0.24) exposes a DeleteSingleFile() method that a remote attacker could abuse via a crafted HTML page to delete arbitrary files on the target system. The same advisory family notes other functions (MoveFile, GetFileTime, AppendStr...

10CVSS6.3AI score0.08819EPSS
CVE
CVE
added 2008/06/04 8:0 p.m.41 views

CVE-2007-5607

CVE-2007-5607 is a buffer overflow in the HPISDataManager.dll HP Instant Support ActiveX control (RegistryString function) that could allow a remote attacker to execute arbitrary code via a long first argument. Connected documents corroborate that this family of HP ActiveX vulnerabilities centers...

7.5CVSS7.5AI score0.12808EPSS