CVE-2007-6332 - CVE Reference - Advisories

CVE Reference: CVE-2007-6332

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6332

Description: The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/38994 ST 1019086 SAID Secunia Advisory: SA28055 MISC http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt MILW0RM http://www.milw0rm.com/exploits/4720 HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/484880/100/100/threaded BID 26823

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	WMNews Cross-Site Scripting Vulnerabilities

2.	Joomla Community Builder Component File Inclusion

3.	OpenOffice "rtl_allocateMe mory()" Truncation Vulnerability

4.	dotProject SQL Injection and Cross-Site Scripting

5.	Novell eDirectory Multiple Vulnerabilities

6.	Slackware update for amarok

7.	HP TCP/IP Services for OpenVMS Finger Format String Vulnerability

8.	Caudium "configvar" Insecure Temporary Files

9.	GpsDrive "geo-code" Insecure Temporary Files

10.	phpMyRealty "price_max" SQL Injection Vulnerability