SafeNet Hardware Against Software Piracy (HASP) solutions include the PrivAgent.ocx ActiveX control.
A buffer overflow vulnerability in the ChooseFilePath method of the PrivAgent.ocx ActiveX control allows command execution when a user opens a specially crafted file.
Set the kill bit for Class ID 09F68A41-2FBE-11D3-8C9D-0008C7D901B6 as described in Microsoft Knowledge Base Article 240797.
Exploit works on SafeNet Privilege SCP 5.0 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn) and requires a user to open the exploit page in Internet Explorer 8 or 9.
JRE 1.6.x must be installed on Windows 7 targets.