cvelistv5 - cve-2007-6332

CVE-2007-6332 (GCVE-0-2007-6332)

Vulnerability from cvelistv5

Published

2007-12-13 19:00

Modified

2024-08-07 16:02

Severity ?

CWE

Summary

The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method.

References

URL

Tags

	http://www.securityfocus.com/bid/26823	vdb-entry, x_refsource_BID
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486	vendor-advisory, x_refsource_HP
	https://www.exploit-db.com/exploits/4720	exploit, x_refsource_EXPLOIT-DB
	http://www.vupen.com/english/advisories/2007/4192	vdb-entry, x_refsource_VUPEN
	http://securitytracker.com/id?1019086	vdb-entry, x_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilities/38994	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/28055	third-party-advisory, x_refsource_SECUNIA
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/archive/1/484880/100/100/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:02:36.321Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26823",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26823"
          },
          {
            "name": "SSRT071502",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486"
          },
          {
            "name": "4720",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4720"
          },
          {
            "name": "ADV-2007-4192",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4192"
          },
          {
            "name": "1019086",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019086"
          },
          {
            "name": "hpinfo-hpinfo-information-disclosure(38994)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38994"
          },
          {
            "name": "28055",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28055"
          },
          {
            "name": "HPSBGN02298",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486"
          },
          {
            "name": "20071211 HP notebooks remote code execution vulnerability (multiple series)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/484880/100/100/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26823",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26823"
        },
        {
          "name": "SSRT071502",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486"
        },
        {
          "name": "4720",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4720"
        },
        {
          "name": "ADV-2007-4192",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4192"
        },
        {
          "name": "1019086",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019086"
        },
        {
          "name": "hpinfo-hpinfo-information-disclosure(38994)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38994"
        },
        {
          "name": "28055",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28055"
        },
        {
          "name": "HPSBGN02298",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486"
        },
        {
          "name": "20071211 HP notebooks remote code execution vulnerability (multiple series)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/484880/100/100/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6332",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26823",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26823"
            },
            {
              "name": "SSRT071502",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486"
            },
            {
              "name": "4720",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4720"
            },
            {
              "name": "ADV-2007-4192",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4192"
            },
            {
              "name": "1019086",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019086"
            },
            {
              "name": "hpinfo-hpinfo-information-disclosure(38994)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38994"
            },
            {
              "name": "28055",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28055"
            },
            {
              "name": "HPSBGN02298",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486"
            },
            {
              "name": "20071211 HP notebooks remote code execution vulnerability (multiple series)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/484880/100/100/threaded"
            },
            {
              "name": "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt",
              "refsource": "MISC",
              "url": "http://www.anspi.pl/~porkythepig/hp-issue/kilokieubasy.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6332",
    "datePublished": "2007-12-13T19:00:00.000Z",
    "dateReserved": "2007-12-13T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:02:36.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-556

Vulnerability from certfr_avis

Plusieurs vulnérabilités ont été identifiées dans le logiciel HP Quick Launch Button (QLB) servant notamment à gérer les raccourcis de certaines touches. Il est installé par défaut sur la majorité des portables HP et Compaq de type Notebook équipés de Microsoft Windows (2000, XP et Vista).

Ces vulnérabilités peuvent être exploitées par une personne malveillante distante, par exemple par le biais d'une page web spécialement construite, pour exécuter des applications arbitraires ou lire et modifier les valeurs du registre de la machine vulnérable.

Description

Ces vulnérabilités concernent en particulier le contrôle ActiveX HPInfoDLL.HPInfo.1 de HPInfoDLL.dll 1.0 fourni avec l'application HP Info Center (hpinfocenter.exe).

Elles peuvent être exploitées par une personne malveillante distante pour exécuter des applications arbitraires ou lire et modifier les valeurs du registre de la machine vulnérable par les méthodes SetRegValue et GetRegValue.

La désinstallation de l'application HP Quick Launch Button (QLB) n'est pas suffisante pour corriger le problème.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

HP Quick Launch Button (QLB) est installé par défaut sur plusieurs modèles de portables de type Notebooks, dont :

la famille des Compaq Presario Notebook PCSeries (A900, B1200, C500, C700, F500, F700, M2000, V2000, V3000, V3500, V3700, V4000, V6500 et V6700) ;
la famille des HP Notebook PC (500, 510, 520, 530, G5000, G6000, G7000 et Special Edition L2000) ;
la famille des HP Compaq Notebook PC (2210b, 2510p, 2710p, 6510b, 6515b, 6520s, 6710b, 6710s, 6715b, 6715s, 6720s, 6820s, 6910p, 8510p, 8510w, 8710p, 8710w, nc2400, nc4200, nc4400, nc6110, nc6120, nc6140, nc6220, nc6320, nc6400, nc8230, nc8430, nw8240, nw8440, nw9440, nw4820, nx6110, nx6115, nx6120, nx6125, nx6310, nx6315, nx6320, nx6325, nx7300, nx7400, nx8220, nx8420 et nx9420) ;
la famille des HP Compaq Tablet PC (tc4200 et tc4400) ;
la famille des HP Pavillon Notebook PC Series (dv1000, dv2000, dv2500, dv2700, dv4000, dv6500, dv6700, dv9500, dv9700, dx6500, HDX, tx1000 et ze2000).

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Annonce de sécurité HP sp38166 du 12 décembre 2007	None	vendor-advisory
Annonce de sécurité HP de référence HPSBGN02298 SSRT071502 rev.1 du 14 décembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eHP Quick Launch Button (\u003cTT\u003eQLB\u003c/TT\u003e) est install\u00e9 par d\u00e9faut  sur plusieurs mod\u00e8les de portables de type \u003cSPAN class=\n  \"textit\"\u003eNotebooks\u003c/SPAN\u003e, dont :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003ela famille des Compaq Presario Notebook PCSeries (A900,    B1200, C500, C700, F500, F700, M2000, V2000, V3000, V3500,    V3700, V4000, V6500 et V6700) ;\u003c/LI\u003e    \u003cLI\u003ela famille des HP Notebook PC (500, 510, 520, 530, G5000,    G6000, G7000 et Special Edition L2000) ;\u003c/LI\u003e    \u003cLI\u003ela famille des HP Compaq Notebook PC (2210b, 2510p, 2710p,    6510b, 6515b, 6520s, 6710b, 6710s, 6715b, 6715s, 6720s, 6820s,    6910p, 8510p, 8510w, 8710p, 8710w, nc2400, nc4200, nc4400,    nc6110, nc6120, nc6140, nc6220, nc6320, nc6400, nc8230, nc8430,    nw8240, nw8440, nw9440, nw4820, nx6110, nx6115, nx6120, nx6125,    nx6310, nx6315, nx6320, nx6325, nx7300, nx7400, nx8220, nx8420    et nx9420) ;\u003c/LI\u003e    \u003cLI\u003ela famille des HP Compaq Tablet PC (tc4200 et tc4400)    ;\u003c/LI\u003e    \u003cLI\u003ela famille des HP Pavillon Notebook PC Series (dv1000,    dv2000, dv2500, dv2700, dv4000, dv6500, dv6700, dv9500, dv9700,    dx6500, HDX, tx1000 et ze2000).\u003c/LI\u003e  \u003c/UL\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le logiciel HP Quick\nLaunch Button (QLB) servant notamment \u00e0 g\u00e9rer les raccourcis de\ncertaines touches. Il est install\u00e9 par d\u00e9faut sur la majorit\u00e9 des\nportables HP et Compaq de type Notebook \u00e9quip\u00e9s de Microsoft Windows\n(2000, XP et Vista).\n\nCes vuln\u00e9rabilit\u00e9s concernent en particulier le contr\u00f4le ActiveX\nHPInfoDLL.HPInfo.1 de HPInfoDLL.dll 1.0 fourni avec l\u0027application HP\nInfo Center (hpinfocenter.exe).\n\nElles peuvent \u00eatre exploit\u00e9es par une personne malveillante distante\npour ex\u00e9cuter des applications arbitraires ou lire et modifier les\nvaleurs du registre de la machine vuln\u00e9rable par les m\u00e9thodes\nSetRegValue et GetRegValue.\n\nLa d\u00e9sinstallation de l\u0027application HP Quick Launch Button (QLB) n\u0027est\npas suffisante pour corriger le probl\u00e8me.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-6331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6331"
    },
    {
      "name": "CVE-2007-6332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6332"
    },
    {
      "name": "CVE-2007-6333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6333"
    }
  ],
  "initial_release_date": "2007-12-19T00:00:00",
  "last_revision_date": "2007-12-19T00:00:00",
  "links": [
    {
      "title": "Annonce de s\u00e9curit\u00e9 HP de r\u00e9f\u00e9rence HPSBGN02298 SSRT071502    rev.1 du 14 d\u00e9cembre 2007 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01300486"
    }
  ],
  "reference": "CERTA-2007-AVI-556",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-12-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le logiciel HP Quick\nLaunch Button (QLB) servant notamment \u00e0 g\u00e9rer les raccourcis de\ncertaines touches. Il est install\u00e9 par d\u00e9faut sur la majorit\u00e9 des\nportables HP et Compaq de type \u003cspan class=\"textit\"\u003eNotebook\u003c/span\u003e\n\u00e9quip\u00e9s de Microsoft Windows (2000, XP et Vista).\n\nCes vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par une personne malveillante\ndistante, par exemple par le biais d\u0027une page web sp\u00e9cialement\nconstruite, pour ex\u00e9cuter des applications arbitraires ou lire et\nmodifier les valeurs du registre de la machine vuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP Quick Launch Button (QLB)",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Annonce de s\u00e9curit\u00e9 HP sp38166 du 12 d\u00e9cembre 2007",
      "url": "ftp://ftp.hp.com/pub/sotfpaq/sp38001-38500/sp38166.html"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-6332 (GCVE-0-2007-6332)

Vulnerability from cvelistv5

CERTA-2007-AVI-556

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature