CVE-2007-5608

Currently unrated

Key Information:

Vendor: HP
Status: Instant Support
Vendor: CVE Published:; 4 June 2008

Summary

The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.

References

http://secunia.com/advisories/30516

third-party-advisoryx_refsource_SECUNIA

http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=...

vendor-advisoryx_refsource_HP

https://exchange.xforce.ibmcloud.com/vulnerabilities/42850

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 4, 2008
Vulnerability Reserved
Oct 21, 2007