cbcvebase.

Hp Software Update vulnerabilities

4 known vulnerabilities affecting hp/software_update.

Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2007-6506P3CRITICALCVSS 9.3PoC≤ 4.000.005.007v3.0.8.42007-12-20
CVE-2007-6506 [CRITICAL] CVE-2007-6506: The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.00 The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
nvd
CVE-2008-2390P3MEDIUMCVSS 6.8PoCv4.0.0.12008-05-21
CVE-2008-2390 [MEDIUM] CWE-94 CVE-2008-2390: Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute me Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument.
nvd
CVE-2008-0712P4MEDIUMCVSS 6.8≤ 4.000.009.0022008-04-25
CVE-2008-0712 [MEDIUM] CVE-2008-0712: Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513.
nvd
CVE-2015-5442P4MEDIUMCVSS 4.6≤ 5.02015-09-29
CVE-2015-5442 [MEDIUM] CVE-2015-5442: Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain priv Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors.
nvd
Hp Software Update vulnerabilities | cvebase