CVE-2007-6513

Published: Dec 21, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method.

Affected (1)

Products: Hp: Esupportdiagnostics

1 product

Esupportdiagnostics

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hp Esupportdiagnostics	Version 1.0.11.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html

Source: cve@mitre.org

http://www.heise-security.co.uk/news/100934

Source: cve@mitre.org

http://www.securityfocus.com/bid/26967

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/39156

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.heise-security.co.uk/news/100934

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/26967

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/39156

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.