Vulnerabilities > CVE-2007-3554 - Buffer Overflow vulnerability in HP Instant Support ActiveX Control Driver Check
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | HP Instant Support ActiveX Control Driver Check Buffer Overflow Vulnerability. CVE-2007-3554. Remote exploit for windows platform |
id | EDB-ID:30257 |
last seen | 2016-02-03 |
modified | 2007-04-01 |
published | 2007-04-01 |
reporter | John Heasman |
source | https://www.exploit-db.com/download/30257/ |
title | HP Instant Support ActiveX Control Driver Check Buffer Overflow Vulnerability |
Nessus
NASL family | Windows |
NASL id | HP_INSTANT_SUPPORT_SDD_ACTIVEX_OVERFLOW.NASL |
description | The remote host contains the SDD ActiveX control, a part of HP Instant Support. The version of this control on the remote host is reportedly affected by a buffer overflow that can be triggered by a long argument to its |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25655 |
published | 2007-07-03 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25655 |
title | HP Instant Support Driver Check HPSDDX Class (SDD) ActiveX (sdd.dll) queryHub Function Overflow |
code |
|
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597
- http://osvdb.org/37832
- http://secunia.com/advisories/25918
- http://www.securityfocus.com/archive/1/472728/100/0/threaded
- http://www.securityfocus.com/bid/24730
- http://www.securitytracker.com/id?1018331
- http://www.shinnai.altervista.org/index.php?mod=02_Forum&group=Exploits&argument=Remote&topic=1183360239.ff.php&page=last
- http://www.vupen.com/english/advisories/2007/2413
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35228