HP Help and Support Center Unspecified Buffer Overflow Vulnerability
TITLE: HP Help and Support Center Unspecified Buffer Overflow Vulnerability
CLASS: Boundary Condition Error
CVE: CVE-2007-3180
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 13 2007 12:00AM
UPDATE: Jun 13 2007 12:00AM
CREDIT: The vendor disclosed this vulnerability.
VULNERABLE:
HP Help and Support Center 4.4NOT VULNERABLE:
HP Help and Support Center 4.4.C
Vai alla pagina originale su Security Focus
Discussion
HP Help and Support Center is prone to an unspecified remote buffer-overflow vulnerability. This issue occurs because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service.
Exploit
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com:
Solution
Solution:
The vendor has addressed this issue in version 4.4 C. Please see the vendor references for details on obtaining and applying the appropriate updates.
HP Help and Support Center 4.4
- HP HP Help and Support Center 4.4. C
ftp://ftp.hp.com/pub/softpaq/sp35501-36000/sp35567.exe
References
References: