CVE-2007-6332

critical HPE
CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
18.1%
Exploitation probability in 30 days
Top 5% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: December 13, 2007 (6726 days ago)
Last Modified: April 23, 2026
Vendor: HPE
Source: NVD

Description

The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfocenter.exe) 1.0.1.1 in HP Quick Launch Button (QLBCTRL.exe, aka QLB) 6.3 and earlier, on Microsoft Windows before Vista allows remote attackers to create or modify arbitrary registry values via the arguments to the SetRegValue method.

CWE

NVD-CWE-Other

Affected Products

hp info centerhp quick launch button

References

🔗 h20000.www2.hp.com 🔗 secunia.com 🔗 securitytracker.com 🔗 www.anspi.pl 🔗 www.securityfocus.com