cbcvebase.

Hp Instant Support vulnerabilities

8 known vulnerabilities affecting hp/instant_support.

Total CVEs
8
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH2

Vulnerabilities

Page 1 of 1
CVE-2008-0953P3CRITICALCVSS 10.0PoC≤ 1.0.0.232008-06-04
CVE-2008-0953 [CRITICAL] CVE-2008-0953: The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
nvd
CVE-2007-5610P3CRITICALCVSS 10.0PoC≤ 1.0.0.232008-06-04
CVE-2007-5610 [CRITICAL] CVE-2007-5610: The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.d The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument.
nvd
CVE-2008-0952P3CRITICALCVSS 9.3PoC≤ 1.0.0.232008-06-04
CVE-2008-0952 [CRITICAL] CVE-2008-0952: The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
nvd
CVE-2007-5607P3HIGHCVSS 7.5PoC≤ 1.0.0.23v1.0.0.222008-06-04
CVE-2007-5607 [HIGH] CVE-2007-5607: Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606.
nvd
CVE-2007-5604P3HIGHCVSS 7.5PoC≤ 1.0.0.23v1.0.0.222008-06-04
CVE-2007-5604 [HIGH] CWE-94 CVE-2007-5604: Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPIS Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607.
nvd
CVE-2007-5606P3CRITICALCVSS 10.0≤ 1.0.0.232008-06-04
CVE-2007-5606 [CRITICAL] CVE-2007-5606: Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDa Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607.
nvd
CVE-2007-5605P3CRITICALCVSS 9.3≤ 1.0.0.232008-06-04
CVE-2007-5605 [CRITICAL] CVE-2007-5605: Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPI Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607.
nvd
CVE-2007-5608P3CRITICALCVSS 9.3≤ 1.0.0.232008-06-04
CVE-2007-5608 [CRITICAL] CVE-2007-5608: The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll i The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE
nvd
Hp Instant Support vulnerabilities | cvebase