CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0953

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1420%
EPSS Percentile44.02th
PublishedJun 4, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.

Affected Platforms (CPE)

πŸ“¦
Hp

Instant Support

<= 1.0.0.23

References & Advisories

πŸ”— http://secunia.com/advisories/30516
πŸ”— http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf
πŸ”— http://www.kb.cert.org/vuls/id/998779
πŸ”— http://www.securityfocus.com/bid/29526
πŸ”— http://www.securityfocus.com/bid/29533
πŸ”— http://www.securitytracker.com/id?1020165
πŸ”— http://www.vupen.com/english/advisories/2008/1740/references
πŸ”— http://www12.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01422264

Related Vulnerabilities

CVE-2007-561010.0

The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support befor...

CVE-2007-560610.0

Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Su...

CVE-2007-56059.3

Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant...

CVE-2007-56089.3

The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1....