CVSS2: 9.3 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Remote execution of arbitrary code
A potential security vulnerability has been identified with HP Easy Printer Care Software running on Windows. The vulnerability can be remotely exploited to write arbitrary files to the system and execute them via the browser.
HP Easy Printer Care Software v2.5 and earlier for Windows XP and Vista is no longer available from HP. HP Easy Printer Care Software is no longer supported by HP.
HP recommends this software be uninstalled from the system as soon as possible.
The vulnerable HPTicketMgr.dll ActiveX control has CLSID 466576F3-19B6-4FF1-BD48-3E0E1BFB96E9. If the Easy Printer Care software is not uninstalled, HP recommends setting the kill bit for the vulnerable ActiveX control class identifier (CLSID) {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}. The kill bit is set by modifying the data value of the Compatibility Flags DWORD value for the CLSID of this ActiveX control to 0x00000400. This is explained in Microsoft's article KB240797 or subsequent: <http://support.microsoft.com/kb/240797>
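One way to apply and verify the kill bit described above, as an added example that is not HP's or Microsoft's own script. It assumes an elevated PowerShell session and the `ActiveX Compatibility` registry location documented in KB240797; the function name `Set-KillBit` is hypothetical, and the script ORs 0x00000400 into any existing flags instead of overwriting them.

```powershell
# Added example: set the Internet Explorer kill bit for the HPTicketMgr.dll
# ActiveX control named in this advisory. Run from an elevated prompt.
$clsid     = '{466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}'   # CLSID from the advisory
$killBit   = 0x00000400                                 # value from the advisory
$valueName = 'Compatibility Flags'

# Registry location per KB240797. The Wow6432Node view is what 32-bit
# Internet Explorer reads on 64-bit Windows, so both views are covered.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-KillBit {
    param([string]$Root, [string]$Clsid)

    # Skip registry views that do not exist (e.g. Wow6432Node on 32-bit Windows).
    if (-not (Test-Path (Split-Path $Root -Parent))) {
        return "skipped (view not present): $Root"
    }

    $key = Join-Path $Root $Clsid
    if (-not (Test-Path $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    # Keep any compatibility flags already set and OR in the kill bit.
    $current = 0
    $prop = Get-ItemProperty -Path $key -Name $valueName -ErrorAction SilentlyContinue
    if ($prop) { $current = [int]$prop.$valueName }
    $updated = $current -bor $killBit

    New-ItemProperty -Path $key -Name $valueName -PropertyType DWord `
        -Value $updated -Force | Out-Null

    # Read the value back so the result reflects what is actually stored.
    $stored = [int](Get-ItemProperty -Path $key -Name $valueName).$valueName
    if (($stored -band $killBit) -ne 0) {
        return ('kill bit set (0x{0:X8}): {1}' -f $stored, $key)
    }
    return "FAILED to set kill bit: $key"
}

foreach ($root in $roots) {
    Set-KillBit -Root $root -Clsid $clsid
}
```

Internet Explorer must be restarted before the change takes effect for new browser sessions.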