Intrusion Prevention

HP.Instant.Support.ActiveX.Control.Access

Description

This indicates a possible attempt to exploit some issues in HP Instant Support.
The vulnerability is in the "HPISDataManager.dll" ActiveX control through misused methods. It may allow remote attackers to execute arbitrary code in the context of the application, or download, write, execute, and delete arbitrary files on the vulnerable system.

Affected Products

HP Instant Support HPISDataManager.dll v1.0.0.22 and later versions.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Disable this ActiveX Control by setting its kill bit, or upgrade to HP Instant Support v1.0.0.24 or later versions, available from the vendor's website.