NVD

Id
57673  
Name
CVE-2007-5608  
Description
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2008-06-04  
Modified Date
2011-03-07  
Seq
2007-5608  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
295122 57673 CVE-2007-5608 http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf  View
295123 57673 CVE-2007-5608 29526  View
295124 57673 CVE-2007-5608 29530  View
295125 57673 CVE-2007-5608 1020165  View
295126 57673 CVE-2007-5608 ADV-2008-1740  View
295127 57673 CVE-2007-5608 SSRT071490  View
295128 57673 CVE-2007-5608 hp-instantsupport-downloadfile-file-download(42850)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
48544 JVNDB-2008-003854 HP Instant Support の におけるクライアントのマシンにファイルを強制的にダウンロードされる脆弱性 HP Instant Support の HPISDataManager.dll の HPISDataManagerLib.Datamgr ActiveX コントロールの DownloadFile 関数には、クライアントのマシンに任意のファイルを強制的にダウンロードされる脆弱性が存在します。 CVE-2007-5608 28963 CVE-2007-5608 57673 9.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003854.html 2008-06-03 2012-09-25 View