Remote Code Execution Vulnerability in HP Software Update ActiveX Control
CVE-2008-0712

Currently unrated

Key Information:

Vendor: HP
Status: Software Update
Vendor: CVE Published:; 25 April 2008

What is CVE-2008-0712?

The HP Software Update contains a vulnerability in its ActiveX control, specifically in the hpediag.dll file. This flaw can be exploited by remote attackers to execute arbitrary code on a vulnerable system or to gain unauthorized access to sensitive information through various unspecified methods. Users are advised to update to safer versions to mitigate any potential risks associated with this vulnerability.

References

http://marc.info/?l=bugtraq&m=120907060320901&w=2

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/bid/28929

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2008/1356/references

vdb-entryx_refsource_VUPEN

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2008
Vulnerability Reserved
Feb 11, 2008