Intrusion Prevention



HP All-in-One Series Web Release and HP Photo and Imaging Gallery are prone to a heap based buffer overflow vulnerability because the applications fail to perform adequate boundary checks on user supplied data. By persuading a victim to visit a specially crafted Web page, a remote attacker could overflow the heap and execute arbitrary code on a victim system with the privileges of the user, or cause the victim's browser to crash.

Affected Products

HP Photo and Image Gallery 1.1
HP All-in-One Series Web Release


Arbitrary code execution.

Recommended Actions

Currently we are not aware of any vendor supplied patches for this issue.

CVE References