Intrusion Prevention

HP.Photo.Digital.Imaging.HPQXML.DLL.File.Overwrite

Description

An ActiveX control in hpqxml.dll in Hewlett-Packard (HP) Digital Imaging has an arbitrary file overwrite vulnerability. A remote attacker could create or overwrite arbitrary files via the second argument to the saveXMLAsFile method.

Affected Products

HP HP Photo Digital Imaging hpqxml.dll 2.0.0.133

Impact

File Manipulation.

Recommended Actions

Currently we are not aware of any official supplied fix for this issue.

CVE References

CVE-2007-3487