cbcvebase.
CVE-2007-6506
published 2007-12-20

CVE-2007-6506: The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote…

PriorityP353critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
16.35%
96.6th percentile
The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.

Affected

2 ranges
VendorProductVersion rangeFixed in
hpsoftware_update<= 4.000.005.007
hpsoftware_update
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.