Buffer Overflow in HP Instant Support ActiveX Control
CVE-2007-5604

Currently unrated

Key Information:

Vendor: HP
Status: Instant Support
Vendor: CVE Published:; 4 June 2008

Summary

The HPISDataManagerLib.Datamgr ActiveX control in HP Instant Support contains a buffer overflow vulnerability in its ExtractCab function. This flaw can be exploited by remote attackers who supply a specially crafted input as the first argument, allowing them to execute arbitrary code on the affected system. This vulnerability is distinct from others identified in the same timeframe and requires immediate attention for systems relying on outdated versions of the software.

References

http://secunia.com/advisories/30516

third-party-advisoryx_refsource_SECUNIA

http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=...

vendor-advisoryx_refsource_HP

https://exchange.xforce.ibmcloud.com/vulnerabilities/42844

vdb-entryx_refsource_XF

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 4, 2008
Vulnerability Reserved
Oct 21, 2007