CVE-2007-6506

Loading...

General

Score:9.3/10.0
Severity:High
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 21/12/07 - Updated on 29/09/17

Description

The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2007-6506
Renater 2007/VULN545

Exploits

Exploit-DBEDB-4757
SecurityFocusBID-26950

Relative technologies

VendorProduct
hpsoftware_update

Share this vulnerability with:

Twitter Facebook LinkedIn Mail