Buffer Overflow Vulnerability in HP Instant Support ActiveX Control
CVE-2007-5606

Currently unrated

Key Information:

Vendor: HP
Status: Instant Support
Vendor: CVE Published:; 4 June 2008

Summary

The HP Instant Support product contains a buffer overflow vulnerability within the MoveFile function of the HPISDataManagerLib.Datamgr ActiveX control. This flaw allows remote attackers to execute arbitrary code by supplying a long argument, posing a significant security risk for users running versions prior to 1.0.0.24. It is crucial for organizations to apply necessary security updates and adhere to best practices to mitigate the risk associated with this vulnerability.

References

http://secunia.com/advisories/30516

third-party-advisoryx_refsource_SECUNIA

http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=...

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/bid/29526

vdb-entryx_refsource_BID

EPSS Score

37% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 4, 2008
Vulnerability Reserved
Oct 21, 2007