HP Photo Creations is free software that lets the user create photo books, calendars, collages, greeting cards and other keepsakes that can be printed or shipped to the user. HP Photo Creations installs and registers the
**audio.Record** ActiveX control which contains various audio processing functions, e.g., recording, resampling, and importing.
HP Photo Creations
**audio.Record** ActiveX control is vulnerable to buffer overflow due to a boundary error in
**ContentMan.dll** while parsing arguments passed to the
Update to HP Photo Creations build 5162, which includes
**ContentMan.dll** version 184.108.40.20662.
Exploit works on HP Photo Creative 2.0 and the user must load the exploit page in Internet Explorer 7.