VDB
CVE-2008-0953
CVE-2008-0953
PUBLISHED
CVSS 10 CRITICAL
The StartApp function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary programs via a .exe filename in the argument, a different vulnerability than CVE-2007-5608 and CVE-2008-0953.
EPSS 9.24% · 92.9th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
9.24%
92.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| hp | instant_support | 0 |
| n/a | n/a | * |
Timeline
- Jun 3, 2008 PoC Published
- Jun 4, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 30516 third-party-advisory
- HPSBMA02326 vendor-advisory
- 29533 vdb
- 29526 vdb
- ADV-2008-1740 vdb
- http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf url
- VU#998779 third-party-advisory
- hp-instantsupport-startapp-code-execution(42851) vdb
- 1020165 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-0953 advisory