CVE-2007-6331

HPInfoDLL.HPInfo.1 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6331. PoCs published by porkythepig.

AI-analyzed exploit summary This is a detailed technical analysis of CVE-2007-6331, which involves insecure methods in the HP Info Center ActiveX control (HPInfoDLL.dll) allowing remote code execution and registry manipulation. The writeup explains the vulnerable methods (GetRegValue, SetRegValue, LaunchApp) and attack vectors, including silent remote execution via windowless processes.

Description

Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier allows remote attackers to execute arbitrary programs via the first argument to the LaunchApp method. NOTE: only a user-assisted attack is possible on Windows Vista.

Exploits (1)

exploitdb WRITEUP VERIFIED

by porkythepig · htmlremotewindows

https://www.exploit-db.com/exploits/4720

View Code ZIP pw:eip

This is a detailed technical analysis of CVE-2007-6331, which involves insecure methods in the HP Info Center ActiveX control (HPInfoDLL.dll) allowing remote code execution and registry manipulation. The writeup explains the vulnerable methods (GetRegValue, SetRegValue, LaunchApp) and attack vectors, including silent remote execution via windowless processes.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: HP Info Center v1.0.1.1, HPInfoDll.dll ActiveX CTL v1.0

No auth needed

Prerequisites: Victim must visit a malicious website using Internet Explorer · HP Info Center software must be installed on the target system

MITRE ATT&CK