HP All-in-One Series Web Release and HP Photo and Imaging Gallery are prone to a heap based buffer overflow vulnerability because the applications fail to perform adequate boundary checks on user supplied data. By persuading a victim to visit a specially crafted Web page, a remote attacker could overflow the heap and execute arbitrary code on a victim system with the privileges of the user, or cause the victim's browser to crash.
HP Photo and Image Gallery 1.1
HP All-in-One Series Web Release
Arbitrary code execution.
Currently we are not aware of any vendor supplied patches for this issue.