CVE-2008-0952 - Rove over Hillside


The AppendStringToFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before allows remote attackers to create files with arbitrary content via a full pathname in the first argument and the content in the second argument a different vulnerability than CVE-2007-5608 and CVE-2008-0953.