Remote Code Execution Vulnerability in HP Info Center by HP
CVE-2007-6332

Currently unrated

Key Information:

Vendor: HP
Status: Info Center; Quick Launch Button
Vendor: CVE Published:; 13 December 2007

Summary

The HPInfoDLL.HPInfo.1 ActiveX control vulnerability within HP Info Center (hpinfocenter.exe) versions 1.0.1.1 and Quick Launch Button (QLBCTRL.exe) versions 6.3 and earlier allows remote attackers to exploit the SetRegValue method. This issue permits unauthorized modification or creation of registry values on systems running Microsoft Windows prior to Vista. Due to the potential for remote manipulation, this vulnerability poses significant risks to system integrity and user data.

References

http://www.securityfocus.com/bid/26823

vdb-entryx_refsource_BID

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

https://www.exploit-db.com/exploits/4720

exploitx_refsource_EXPLOIT-DB

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 13, 2007
Vulnerability Reserved
Dec 13, 2007