CVE-2007-6506

HP Software Update <4.000.005.007 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6506. PoCs published by porkythepig.

AI-analyzed exploit summary: This exploit leverages an insecure ActiveX control (CLSID: 7CB9D4F5-C492-42A4-93B1-3F7D6946470D) in HP Software Update to arbitrarily overwrite files via the SaveToFile() method. It includes two PoCs: one for arbitrary file corruption and another for system kernel destruction, leading to a DoS condition.

Description

The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and possibly (2) access arbitrary files via the LoadDataFromFile method.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by porkythepig · text · dos · windows
https://www.exploit-db.com/exploits/4757

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: HP Software Update client v3.0.8.4 (RulesEngine.dll ActiveX CTL v1.0)
Authentication: No auth needed
Prerequisites: Victim must visit a malicious webpage · HP Software Update with vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026

References (12)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019133
Various Sources x_refsource_misc
http://blogs.zdnet.com/security/?p=768
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/485451/100/0/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28177
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4757
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39153
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/4271
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26950
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/485734/100/0/threaded
Various Sources x_refsource_misc
http://it.slashdot.org/it/07/12/20/2327242.shtml

Scores

EPSS 0.1635
EPSS Percentile 96.5%

Details

Status published
Products (2)
hp/software_update 3.0.8.4
hp/software_update < 4.000.005.007
Published Dec 20, 2007
Tracked Since Feb 18, 2026