← voltar
CVE-2007-6331

CVE-2007-6331

EPSS 30.1%
Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
cve_referencewww.exploit-db.com/exploits/4720não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486http://secunia.com/advisories/28055http://securitytracker.com/id?1019086https://exchange.xforce.ibmcloud.com/vulnerabilities/38991https://www.exploit-db.com/exploits/4720http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txthttp://www.securityfocus.com/archive/1/484880/100/100/threadedhttp://www.securityfocus.com/bid/26823http://www.vupen.com/english/advisories/2007/4192