Signature Detail
Short Name |
HTTP:STC:ACTIVEX:HP-EASYPRINTER |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
HP Easy Printer Care Software HPTicketMgr.dll ActiveX |
Release Date |
2011/08/19 |
Update Number |
1977 |
Supported Platforms |
idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: HP Easy Printer Care Software HPTicketMgr.dll ActiveX
This signature detects attempts to use unsafe ActiveX controls in HP Easy Printer Care Software. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
HP Easy Printer Care Software running on Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows an attacker to execute arbitrary code in the context of the application running the affected control (typically Internet Explorer). HP Easy Printer Care Software 2.5 and prior versions are vulnerable.
Affected Products
- HP Easy Printer Care Software 2.5
References
- BugTraq: 51400
- BugTraq: 49100
- CVE: CVE-2011-4787
- CVE: CVE-2011-2404