HP.Info.Center.ActiveX.Remote.Command.Execution
Description
This indicates an attempt to exploit a remote command execution vulnerability in HP Info Center.
Multiple Hewlett-Packard notebook computer series are vulnerable to a remote code execution attack. The vulnerability is in the preinstalled software package "HP Info Center", in the "LaunchApp" method of its ActiveX control.
Affected Products
HP Info Center v1.0.1.1
HPInfoDll.dll ActiveX CTL v1.0
Impact
System Compromise: Remote attackers can execute arbitrary commands on vulnerable systems.
Recommended Actions
Upgrade to the latest version available
ftp://ftp.hp.com/pub/softpaq/sp38001-38500/sp38166.html
ftp://ftp.hp.com/pub/softpaq/sp38001-38500/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |