A vulnerability classified as very critical has been found in HP Software Update up to 4.000.005.007. Affected is an unknown function in the library rulesengine.dll of the file hprulesengine.contentcollection.1 of the component Software Update. The manipulation leads to Remote Code Execution.

This vulnerability is traded as CVE-2007-6506. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.