Описание
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
Ссылки
- Vendor Advisory
- US Government Resource
- Vendor Advisory
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0.23 (включая)
Одно из
cpe:2.3:a:hp:instant_support:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:instant_support:1.0.0.22:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.33633
Средний
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
EPSS
Процентиль: 97%
0.33633
Средний
7.5 High
CVSS2
Дефекты
CWE-94