VDB
CVE-2007-5608
CVE-2007-5608
PUBLISHED
CVSS 9.300000190734863 CRITICAL
The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953.
EPSS 2.85% · 86.5th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
2.85%
86.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| hp | instant_support | 0 |
| n/a | n/a | n/a |
Timeline
- Jun 4, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 30516 third-party-advisory
- HPSBMA02326 vendor-advisory
- hp-instantsupport-downloadfile-file-download(42850) vdb
- 29526 vdb
- ADV-2008-1740 vdb
- http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf url
- VU#949587 third-party-advisory
- 29530 vdb
- 1020165 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2007-5608 advisory