1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP HP Digital Imaging HPQVWOCX ActiveX Overwrite

HTTP HP Digital Imaging HPQVWOCX ActiveX Overwrite

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to exploit a file overwrite vulnerability by passing special arguments into a method of HP Photo Digital Imaging HPQVWOCX.DLL ActiveX control.

Additional Information

The 'hpqvwocx.dll' ActiveX control is part of HP's Photo Digital Imaging application.

The ActiveX control is prone to a vulnerability that lets attackers overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). This issue occurs because the application fails to sanitize user-supplied input to the 'SaveToFile' method of the 'hpqvwocx.dll' library. This issue occurs in the ActiveX control with BA726BF9-ED2F-461B-9447-CD5C7D66CE8D.

An attacker can exploit this issue to overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).

This issue affects HP Photo Digital Imaging 2.1.0.556; other versions may also be affected.

Affected

  • HP HP Photo Digital Imaging hpqvwocx.dll 2.1.556
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube