HP Photo Creations audio.Record ActiveX Stack Buffer Overflow

2011-01-10T00:00:00
ID SAINT:546F927A71FB5276805132D53091C513
Type saint
Reporter SAINT Corporation
Modified 2011-01-10T00:00:00

Description

Added: 01/10/2011
BID: 45631

Background

HP Photo Creations is free software that lets the user create photo books, calendars, collages, greeting cards and other keepsakes that can be printed or shipped to the user. HP Photo Creations installs and registers the **audio.Record** ActiveX control, which contains various audio processing functions, e.g., recording, resampling, and importing.

Problem

The HP Photo Creations **audio.Record** ActiveX control is vulnerable to a buffer overflow caused by a boundary error in **ContentMan.dll** when it parses arguments passed to the **Resample** function.

Resolution

Update to HP Photo Creations build 5162, which includes **ContentMan.dll** version 1.0.0.5162.
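
To verify that the update reached a host, the PowerShell check below compares every installed copy of **ContentMan.dll** against the fixed version. It is an added example, not part of the SAINT advisory or any HP tooling. The search roots and the use of `audio.Record` as the control's ProgID registry key are assumptions, since the advisory gives neither an install path nor a CLSID.

```powershell
# Added example: audit ContentMan.dll against the fixed version from the advisory.
param(
    # Assumption: these roots are guesses; the advisory gives no install path.
    [string[]]$SearchRoot = @($env:ProgramFiles, ${env:ProgramFiles(x86)},
                              $env:ProgramData, $env:LOCALAPPDATA)
)

$FixedVersion = [version]'1.0.0.5162'   # from the advisory's Resolution section

# Assumption: the control's ProgID is "audio.Record", the name the advisory uses.
$registered = Test-Path -LiteralPath 'Registry::HKEY_CLASSES_ROOT\audio.Record\CLSID'

function Get-ContentManStatus {
    param([string[]]$Root, [version]$Fixed)
    $roots = $Root | Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
             Select-Object -Unique
    foreach ($r in $roots) {
        Get-ChildItem -LiteralPath $r -Filter 'ContentMan.dll' -Recurse -File `
                      -ErrorAction SilentlyContinue | ForEach-Object {
            $vi = $_.VersionInfo
            if (-not $vi.FileVersion) {
                # No version resource: cannot be compared, flag for manual review.
                $ver = $null; $status = 'unknown'
            } else {
                # Use the numeric parts; the FileVersion string may not parse cleanly.
                $ver = New-Object System.Version -ArgumentList `
                    $vi.FileMajorPart, $vi.FileMinorPart,
                    $vi.FileBuildPart, $vi.FilePrivatePart
                $status = if ($ver -ge $Fixed) { 'fixed' } else { 'VULNERABLE' }
            }
            [pscustomobject]@{ Path = $_.FullName; Version = $ver; Status = $status }
        }
    }
}

$results = @(Get-ContentManStatus -Root $SearchRoot -Fixed $FixedVersion)
"audio.Record registered for COM: $registered"
if ($results.Count -eq 0) {
    'No ContentMan.dll found under the search roots.'
} else {
    $results | Format-Table -AutoSize
}
# Non-zero exit lets a fleet-management job flag hosts that still need the update.
if ($results | Where-Object { $_.Status -ne 'fixed' }) { exit 1 }
```

Pass `-SearchRoot` with the actual install directory when it is known; a recursive scan of the default roots can be slow on large disks.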

References

<http://secunia.com/advisories/42770/>

Limitations

The exploit works on HP Photo Creative 2.0, and the user must load the exploit page in Internet Explorer 7.

Platforms

Windows