Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:65C17F3898A30DC5D6E6B26826E7C7C6
HistoryAug 29, 2011 - 12:00 a.m.

HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution

2011-08-2900:00:00
SAINT Corporation
www.saintcorporation.com
15

0.825 High

EPSS

Percentile

98.1%

JSON

Added: 08/29/2011
CVE: CVE-2011-2404
BID: 49100
OSVDB: 74510

Background

HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers.

Problem

HP Easy Printer Care Software **HPTicketMgr.dll** is vulnerable to directory traversal due to insufficient input validation by the **HPTicketMgr.dll** ActiveX control. A remote attacker could exploit this vulnerability by enticing a target user to view a maliciously crafted web page, thereby allowing the attacker to overwrite arbitrary files on the target computer with arbitrary content, which could lead to code execution.

Resolution

HP has discontinued this product and therefore has no patch or upgrade that fixes this problem. An alternate software package should be used.

References

<http://www.zerodayinitiative.com/advisories/ZDI-11-261/&gt;
<http://packetstormsecurity.org/files/103861&gt;

Limitations

Exploit works on HP Easy Printer Care 2.5.5.165 and the target user must open the exploit file in Internet Explorer.

To open the shell connection, the target machine must reboot after the exploit script runs.

Platforms

Windows

Related

packetstorm 1
saint 3
securityvulns 3
checkpoint_advisories 1
zdi 1
d2 1
nessus 2
hp 1
cve 3
prion 3
packetstorm
packetstorm
HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution
2011-08-21 00:00:00
saint
saint
HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution
2011-08-29 00:00:00
HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution
2011-08-29 00:00:00
HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution
2011-08-29 00:00:00
securityvulns
securityvulns
[security bulletin] HPSBPI02698 SSRT100404 rev.1 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code
2011-08-12 00:00:00
ZDI-11-261: HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability
2011-08-17 00:00:00
HP Easy Printer Care Software ActiveX unauthorized access
2012-01-16 00:00:00
checkpoint_advisories
checkpoint_advisories
HP Easy Printer Care Software HPTicketMgr.dll Directory Traversal (CVE-2011-2404)
2011-09-27 00:00:00
zdi
zdi
HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability
2011-08-16 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_HPEASY
2011-08-11 22:55:00
nessus
nessus
MS11-090: Cumulative Security Update of ActiveX Kill Bits (2618451)
2011-12-13 00:00:00
HP Easy Printer Care Software ActiveX Control Remote Code Execution Vulnerabilities
2011-08-12 00:00:00
hp
hp
HPSBPI02698 SSRT100404 rev.3 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code
2011-08-04 00:00:00
cve
cve
CVE-2011-4787
2012-01-12 19:55:00
CVE-2011-4786
2012-01-12 19:55:00
CVE-2011-2404
2011-08-11 22:55:00
prion
prion
Design/Logic Flaw
2012-01-12 19:55:00
Design/Logic Flaw
2012-01-12 19:55:00
Design/Logic Flaw
2011-08-11 22:55:00

0.825 High

EPSS

Percentile

98.1%

JSON
Related for SAINT:65C17F3898A30DC5D6E6B26826E7C7C6
packetstorm1saint3securityvulns3checkpoint_advisories1zdi1d21nessus2hp1cve3prion3