HP.hpqutil.ActiveX.Control.Heap.Overflow
Description
HP All-in-One Series Web Release and HP Photo and Imaging Gallery are prone to a heap based buffer overflow vulnerability because the applications fail to perform adequate boundary checks on user supplied data. By persuading a victim to visit a specially crafted Web page, a remote attacker could overflow the heap and execute arbitrary code on a victim system with the privileges of the user, or cause the victim's browser to crash.
Affected Products
HP Photo and Image Gallery 1.1
HP All-in-One Series Web Release
Impact
Arbitrary code execution.
Recommended Actions
Currently we are not aware of any vendor supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |