Информационная безопасность
[RU] switch to English


Несанкционированный доступ через ActiveX HP Easy Printer Care Software
дополнено с 12 августа 2011 г.
Опубликовано:16 января 2012 г.
Источник:
SecurityVulns ID:11854
Тип:клиент
Уровень опасности:
6/10
Описание:Возможен доступ на запись файлов.
CVE:CVE-2011-4787 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4786.)
 CVE-2011-4786 (A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4787.)
 CVE-2011-2404 (The HPTicketMgr.dll ActiveX control in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors.)
Оригинальный текстdocumentZDI, ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability (16.01.2012)
 documentZDI, ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability (16.01.2012)
 documentZDI, ZDI-11-261: HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability (17.08.2011)
 documentHP, [security bulletin] HPSBPI02698 SSRT100404 rev.1 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code (12.08.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород