'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:333016)

Rule General Information
Release Date: 2021-03-26
Rule Name: HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: A directory traversal and file overwrite vulnerability exists in the HP Application Lifecycle Management ActiveX control XGO.ocx. The vulnerability is caused by exposing the CopyToFile function which fails to validate the filename parameter and allows the overwriting of system files. An attacker could exploit this vulnerability by enticing a user to open a specially crafted web page. Successful exploitation could result in code execution in the context of the currently logged in user.
Impact: An attacker could exploit this vulnerability to have unspecified effect.
Affected OS: Windows
Reference:
Solutions
Please contact the software vendor to update the software patch.