CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-3487

Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.118

EPSS Ranking 93.5%

CVSS Severity

CVSS v2 Score 6.4

References

http://osvdb.org/37675
http://secunia.com/advisories/25869
http://securityreason.com/securityalert/2846
http://www.securityfocus.com/archive/1/472384/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/35124
https://www.exploit-db.com/exploits/4119
http://osvdb.org/37675
http://secunia.com/advisories/25869
http://securityreason.com/securityalert/2846
http://www.securityfocus.com/archive/1/472384/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/35124
https://www.exploit-db.com/exploits/4119

Products affected by CVE-2007-3487

Hp » Photo Digital Imaging Activex Control » Version: 2.0.0.133

cpe:2.3:a:hp:photo_digital_imaging_activex_control:2.0.0.133

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-3487

Products

Pricing

Contact Us