Signature Detail

HTTP: HP DataMgr Unsafe ActiveX Control

This signature detects attempts to exploit a known vulnerability in Hewlett-Packard Data Manager ActiveX control. An attacker can create a malicious Web site containing dangerous ActiveX calls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Extended Description

HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to multiple unspecified vulnerabilities that allow remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions. HP Instant Support 1.0.0.22 and earlier versions are affected. NOTE: This BID is being retired; the following individual records have been created to better document the issues: 29529 HP Instant Support 'HPISDataManager.dll' 'ExtractCab' ActiveX Control Buffer Overflow Vulnerability 29530 HP Instant Support ActiveX Control in 'HPISDataManager.dll' Arbitrary File Download Vulnerability 29531 HP Instant Support 'HPISDataManager.dll' 'GetFileTime' ActiveX Control Buffer Overflow Vulnerability 29532 HP Instant Support 'HPISDataManager.dll' 'MoveFile' ActiveX Control Buffer Overflow Vulnerability 29533 HP Instant Support 'HPISDataManager.dll' 'StartApp' ActiveX Control Insecure Method Vulnerability 29534 HP Instant Support 'HPISDataManager.dll' 'RegistryString' Buffer Overflow Vulnerability 29535 HP Instant Support 'HPISDataManager.dll' ActiveX Control Arbitrary File Creation Vulnerability 29536 HP Instant Support 'HPISDataManager.dll' ActiveX Control Arbitrary File Delete Vulnerability

Affected Products

• HP Instant Support 1.0.0.22

References

• BugTraq: 29526
• CVE: CVE-2008-0953
• URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01422264
• URL: http://secunia.com/advisories/30516