Friday, December 21, 2007 11:02 AM cmosby

HP Software Update ContentCollection Class ActiveX Control Insecure Method - Advisories - Secunia

 

Secunia Advisory: SA28177

Release Date: 2007-12-20

Critical: Less critical

Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched

Software: HP Software Update 3.x

Description:
porkythepig has reported a vulnerability in HP Software Update, which can be exploited by malicious people to overwrite arbitrary files on a user's system.
The vulnerability is caused by the HPRulesEngine.ContentCollection.1 ActiveX Control (RulesEngine.dll) exposing the insecure "SaveToFile()" method, which writes to a file specified as an argument. This can be exploited to overwrite and corrupt arbitrary files on the system in the context of the currently logged-on user.
The vulnerability is reported in version 3.0.8.4. Other versions may also be affected.
Solution:
Set the kill-bit for the affected ActiveX control.
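One way to apply this workaround, shown as an added example that is not part of the Secunia advisory or any HP tooling: the advisory does not list the control's CLSID, so the script resolves it on the host from the ProgID named above and then sets the Internet Explorer kill-bit (the `Compatibility Flags` value 0x400 under `ActiveX Compatibility`). It assumes an elevated PowerShell prompt.

```powershell
# Added example: set the IE kill-bit for the control named in the advisory.
# The CLSID is not given on the page, so it is looked up from the ProgID.
param(
    [string]$ProgId = 'HPRulesEngine.ContentCollection.1'   # ProgID from the advisory
)

$KillBit  = 0x400   # "do not load in Internet Explorer" compatibility flag
$clsidKey = "Registry::HKEY_CLASSES_ROOT\$ProgId\CLSID"

if (-not (Test-Path -LiteralPath $clsidKey)) {
    Write-Output "ProgID '$ProgId' is not registered on this host; nothing to do."
    return
}

# The default value of <ProgID>\CLSID holds the control's {GUID}.
$clsid = (Get-Item -LiteralPath $clsidKey).GetValue('')
if ($clsid -notmatch '^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$') {
    throw "Unexpected CLSID value for ${ProgId}: '$clsid'"
}

# Native view, plus the 32-bit view on 64-bit Windows (32-bit IE reads that one).
$roots = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if (Test-Path -LiteralPath 'HKLM:\SOFTWARE\Wow6432Node') {
    $roots += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

foreach ($root in $roots) {
    $key = Join-Path $root $clsid
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    # Preserve any flags already present and OR in the kill-bit.
    $existing = (Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    $flags = [int]$existing -bor $KillBit
    Set-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -Value $flags -Type DWord

    # Read back so the result can be logged or checked by a compliance scan.
    $check = (Get-ItemProperty -LiteralPath $key).'Compatibility Flags'
    $state = if (($check -band $KillBit) -ne 0) { 'kill-bit set' } else { 'kill-bit NOT set' }
    Write-Output ("{0} : 0x{1:X8} ({2})" -f $key, $check, $state)
}
```

The kill-bit only stops Internet Explorer from instantiating the control; RulesEngine.dll remains installed and registered on the system.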
Provided and/or discovered by:
porkythepig
Original Advisory:
http://www.anspi.pl/~porkythepig/hp-issue/wyfukanyszynszyl.txt

Source: HP Software Update ContentCollection Class ActiveX Control Insecure Method - Advisories - Secunia
