HP Product Security Response Team
HP:C02949847
Aug 04, 2011 - 12:00 a.m.

HPSBPI02698 SSRT100404 rev.3 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code

support.hp.com

CVSS2: 9.3 High

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

Potential Security Impact

Remote execution of arbitrary code

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with HP Easy Printer Care Software Running on Windows. The vulnerability can be remotely exploited to write arbitrary files to the system and execute them via the browser.

RESOLUTION

HP Easy Printer Care Software v2.5 and earlier for Windows XP and Vista is no longer available from HP. HP Easy Printer Care Software is no longer supported by HP.

HP recommends this software be uninstalled from the system as soon as possible.

The vulnerable HPTicketMgr.dll ActiveX control has CLSID 466576F3-19B6-4FF1-BD48-3E0E1BFB96E9. If the Easy Printer Care software is not uninstalled, HP recommends setting the kill bit for the vulnerable ActiveX control class identifier (CLSID) {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}. The kill bit is set by modifying the data value of the Compatibility Flags DWORD value for the CLSID of this ActiveX control to 0x00000400. This is explained in Microsoft’s article KB240797 or subsequent: <http://support.microsoft.com/kb/240797>
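One way to apply and verify the kill bit described above, as an added example that is not part of HP's advisory. It assumes an elevated 64-bit PowerShell session; the registry location under `ActiveX Compatibility` comes from Microsoft KB240797 rather than from this page, and the `Wow6432Node` view is included so 32-bit Internet Explorer on 64-bit Windows is covered too.

```powershell
# Added example: set and verify the Internet Explorer kill bit for the
# HPTicketMgr.dll ActiveX control. Run from an elevated PowerShell prompt.
$clsid   = '{466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}'  # CLSID given in the advisory
$killBit = 0x00000400                                 # flag value given in the advisory
$name    = 'Compatibility Flags'

# Key location per Microsoft KB240797 (assumption: not stated on this page).
# The second path is the 32-bit registry view on 64-bit Windows.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

$results = foreach ($root in $roots) {
    # The Wow6432Node view does not exist on 32-bit Windows; skip it there.
    if (-not (Test-Path -LiteralPath $root)) { continue }

    $key = Join-Path $root $clsid
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    # Read any existing flags so other compatibility bits are preserved,
    # then OR in the kill bit instead of overwriting the whole value.
    $current = (Get-ItemProperty -LiteralPath $key -Name $name `
                    -ErrorAction SilentlyContinue).$name
    if ($null -eq $current) { $current = 0 }
    $new = $current -bor $killBit

    New-ItemProperty -LiteralPath $key -Name $name -PropertyType DWord `
        -Value $new -Force | Out-Null

    # Read the value back and confirm the kill bit is present.
    $check = (Get-ItemProperty -LiteralPath $key -Name $name).$name
    [pscustomobject]@{
        Key        = $key
        Flags      = '0x{0:X8}' -f $check
        KillBitSet = (($check -band $killBit) -eq $killBit)
    }
}

$results | Format-Table -AutoSize
if ($results.KillBitSet -contains $false) {
    Write-Error 'Kill bit is missing in at least one registry view.'
}
```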
