PT-2007-7347 · Hewlett Packard · Hp Esupportdiagnostics Activex Control
Publicado
2007-12-21
·
Atualizado
2017-08-08
·
CVE-2007-6513
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
HP eSupportDiagnostics ActiveX control (hpediag.dll) version 1.0.11.0
Description
The issue allows remote attackers to read arbitrary files via the
ReadTextFile method or read arbitrary registry values via the ReadValue method.Recommendations
For HP eSupportDiagnostics ActiveX control (hpediag.dll) version 1.0.11.0, consider disabling the
ReadTextFile and ReadValue methods to prevent exploitation until a patch is available.Exploit
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Hp Esupportdiagnostics Activex Control