Remote File Creation Vulnerability in HP Instant Support ActiveX Control
CVE-2008-0952

Currently unrated

Key Information:

Vendor

HP
Status
Instant Support
Vendor
CVE Published:
4 June 2008

What is CVE-2008-0952?

A vulnerability exists in the AppendStringToFile function within the HPISDataManagerLib.Datamgr ActiveX control in HP Instant Support versions prior to 1.0.0.24. This flaw enables remote attackers to generate files containing arbitrary content on the affected system by manipulating the full pathname and content through crafted parameters. This can lead to unauthorized file creation, impacting the integrity and confidentiality of system data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/30516
third-party-advisoryx_refsource_SECUNIA
http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=...
vendor-advisoryx_refsource_HP
http://www.kb.cert.org/vuls/id/190939
third-party-advisoryx_refsource_CERT-VN

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.