CVE-2007-6513

HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hp:esupportdiagnostics:1.0.11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:40

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html - () http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html -
References () http://www.heise-security.co.uk/news/100934 - () http://www.heise-security.co.uk/news/100934 -
References () http://www.securityfocus.com/bid/26967 - () http://www.securityfocus.com/bid/26967 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/39156 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/39156 -

Information

Published : 2007-12-21 22:46

Updated : 2024-11-21 00:40


NVD link : CVE-2007-6513

Mitre link : CVE-2007-6513

CVE.ORG link : CVE-2007-6513


JSON object : View

Products Affected

hp

  • esupportdiagnostics
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor