CVE-2008-2390
Published May 21, 2008
Last updated 7 years ago
Overview
- Description
- Hpufunction.dll 4.0.0.1 in HP Software Update exposes the unsafe (1) ExecuteAsync and (2) Execute methods, which allows remote attackers to execute arbitrary code via an absolute pathname in the first argument.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:software_update:4.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94C701F8-ED7F-48A9-9531-14C672E72DAE"
}
],
"operator": "OR"
}
]
}
]