CVE-2007-6513

{"id": "CVE-2007-6513", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-12-21T22:46:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html", "source": "cve@mitre.org"}, {"url": "http://www.heise-security.co.uk/news/100934", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/26967", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39156", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method."}, {"lang": "es", "value": "El controlador ActiveX HP eSupportDiagnostics (hpediag.dll) 1.0.11.0 exporta m\u00e9todos peligrosos, lo cual permite a atacantes remotos (1)leer archivos de su elecci\u00f3n a trav\u00e9s del m\u00e9todo ReadTextFile, 0 (2) leer valores de registros de su elecci\u00f3n a trav\u00e9s del m\u00e9todo ReadValue."}], "lastModified": "2017-08-08T01:29:12.163", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:esupportdiagnostics:1.0.11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B02F63D-A3C4-413B-A2AE-5ADE81148CE7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}