HTTP: HP Instant Support ActiveX Control Vulnerability
This signature detects attempts to exploit a known vulnerability against HP Instant Support ActiveX control. An attacker can create a malicious Web page containing dangerous ActiveX calls, which if visited, can allow the attacker to gain control of the victim's system.
Extended Description
HP Instant Support ActiveX control is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this issue allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.
Affected Products
Hp instant_support
Short Name
HTTP:STC:CLSID:ACTIVEX:HP-AX
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
ActiveX Control HP Instant Support Vulnerability bid:24730
Release Date
07/12/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Hp