CVE-2007-6506
CVE-2007-6506
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
cve_referencewww.exploit-db.com/exploits/4757no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://blogs.zdnet.com/security/?p=768http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053818http://it.slashdot.org/it/07/12/20/2327242.shtmlhttp://secunia.com/advisories/28177https://exchange.xforce.ibmcloud.com/vulnerabilities/39153https://www.exploit-db.com/exploits/4757http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txthttp://www.securityfocus.com/archive/1/485451/100/0/threadedhttp://www.securityfocus.com/archive/1/485734/100/0/threadedhttp://www.securityfocus.com/bid/26950http://www.securitytracker.com/id?1019133http://www.vupen.com/english/advisories/2007/4271