Intrusion Prevention

HP.Photo.Digital.Imaging.HPQVWOCX.DLL.File.Overwrite

Description

The ActiveX control in hpqvwocx.dll in Hewlett-Packard (HP) Digital Imaging has an arbitrary file overwrite vulnerability. A remote attacker could create or overwrite arbitrary files via the second argument to the SaveToFile method.

Affected Products

HP Photo Digital Imaging hpqvwocx.dll 2.1.556

Impact

File Manipulation.

Recommended Actions

Currently we are not aware of any official supplied fix for this issue.

CVE References

CVE-2007-3649