HP » Software Update : Security Vulnerabilities, CVEs,

CVE-2007-6506

The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.
Max CVSS
9.3
EPSS Score
94.48%
Published
2007-12-20
Updated
2018-10-15

CVE-2008-0712

Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513.
Max CVSS
6.8
EPSS Score
38.65%
Published
2008-04-25
Updated
2017-08-08

CVE-2008-2390

Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument.
Max CVSS
6.8
EPSS Score
88.85%
Published
2008-05-21
Updated
2017-09-29

CVE-2015-5442

Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain privileges via unknown vectors.
Max CVSS
4.6
EPSS Score
0.04%
Published
2015-09-29
Updated
2016-12-08
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close