Описание
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0952
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42834
- http://secunia.com/advisories/30516
- http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf
- http://www.kb.cert.org/vuls/id/190939
- http://www.securityfocus.com/bid/29526
- http://www.securityfocus.com/bid/29535
- http://www.securitytracker.com/id?1020165
- http://www.vupen.com/english/advisories/2008/1740/references
- http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264
EPSS
CVE ID
Связанные уязвимости
The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
EPSS