1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP HP RegistryString ActiveX BO

HTTP HP RegistryString ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempt to exploit a buffer overflow vulnerability by passing long arguments into a method of HP Instant Support 'HPISDataManager.dll' ActiveX Control .

Additional Information

HP Instant Support is a suite of web-based support tools that automate resolving technical issues that affect HP products.

HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. The vulnerability affects the first argument of the 'RegistryString()' method of the ActiveX control identified by CLSID:


An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 29526 (HP Instant Support 'HPISDataManager.dll' ActiveX Control Unspecified Code Execution Vulnerabilities), but has been given its own record because of new information.


  • HP Instant Support and earlier versions are affected.


Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube