|
|
CVE Reference: CVE-2007-6331 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-6331 |
|
|
Description: Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/38991 ST 1019086 SAID Secunia Advisory: SA28055 MISC http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt MILW0RM http://www.milw0rm.com/exploits/4720 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/484880/100/100/threaded BID 26823 |
|
| Return to the previous page. |
