CVE-2008-2390

Currently unrated

Key Information:

Vendor: HP
Status: Software Update
Vendor: CVE Published:; 21 May 2008

Summary

Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/42249

vdb-entryx_refsource_XF

https://www.exploit-db.com/exploits/5511

exploitx_refsource_EXPLOIT-DB

EPSS Score

83% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 21, 2008
Vulnerability Reserved
May 21, 2008