CVE-2007-6506

The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hp:software_update:*:*:*:*:*:*:*:*
cpe:2.3:a:hp:software_update:3.0.8.4:*:*:*:*:*:*:*

History

21 Nov 2024, 00:40

Type Values Removed Values Added
References () http://blogs.zdnet.com/security/?p=768 - () http://blogs.zdnet.com/security/?p=768 -
References () http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818 - () http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818 -
References () http://it.slashdot.org/it/07/12/20/2327242.shtml - () http://it.slashdot.org/it/07/12/20/2327242.shtml -
References () http://secunia.com/advisories/28177 - Vendor Advisory () http://secunia.com/advisories/28177 - Vendor Advisory
References () http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txt - () http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txt -
References () http://www.securityfocus.com/archive/1/485451/100/0/threaded - () http://www.securityfocus.com/archive/1/485451/100/0/threaded -
References () http://www.securityfocus.com/archive/1/485734/100/0/threaded - () http://www.securityfocus.com/archive/1/485734/100/0/threaded -
References () http://www.securityfocus.com/bid/26950 - Exploit () http://www.securityfocus.com/bid/26950 - Exploit
References () http://www.securitytracker.com/id?1019133 - () http://www.securitytracker.com/id?1019133 -
References () http://www.vupen.com/english/advisories/2007/4271 - Vendor Advisory () http://www.vupen.com/english/advisories/2007/4271 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/39153 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/39153 -
References () https://www.exploit-db.com/exploits/4757 - () https://www.exploit-db.com/exploits/4757 -

Information

Published : 2007-12-20 23:46

Updated : 2024-11-21 00:40


NVD link : CVE-2007-6506

Mitre link : CVE-2007-6506

CVE.ORG link : CVE-2007-6506


JSON object : View

Products Affected

hp

  • software_update