CVE-2007-3649

HP Photo Digital Imaging ActiveX Control - Arbitrary File Write via SaveToFile Method


Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3649. PoCs published by shinnai.

AI-analyzed exploit summary: This exploit targets the insecure SaveToFile() method exposed by HP Digital Imaging's hpqvwocx.dll (v. 2.1.0.556), which allows arbitrary file overwrite. The PoC overwrites system.ini to demonstrate the vulnerability's impact.

Description

Absolute path traversal vulnerability in a certain ActiveX control in hpqvwocx.dll 2.1.0.556 in Hewlett-Packard (HP) Digital Imaging allows remote attackers to create or overwrite arbitrary files via the second argument to the SaveToFile method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by shinnai · html · remote · windows
https://www.exploit-db.com/exploits/4155


Classification: Working PoC 90%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: HP Digital Imaging hpqvwocx.dll v. 2.1.0.556
Authentication: No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24793
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4155
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35288
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/45800

Scores

EPSS 0.0456
EPSS Percentile 90.4%

Details

Status published
Products (1)
hp/photo_digital_imaging_activex_control 2.1.0.556
Published Jul 10, 2007
Tracked Since Feb 18, 2026