HP Photo Creations audio.Record ActiveX Stack Buffer Overflow

2011-01-10T00:00:00
ID SAINT:E103E6A660F28D1F3CB19C1849A85E89
Type saint
Reporter SAINT Corporation
Modified 2011-01-10T00:00:00

Description

Added: 01/10/2011
BID: 45631

Background

HP Photo Creations is free software that lets the user create photo books, calendars, collages, greeting cards and other keepsakes that can be printed or shipped to the user. HP Photo Creations installs and registers the **audio.Record** ActiveX control which contains various audio processing functions, e.g., recording, resampling, and importing.

Problem

The HP Photo Creations **audio.Record** ActiveX control is vulnerable to a stack buffer overflow caused by a boundary error in **ContentMan.dll** when it parses arguments passed to the **Resample** function.

Resolution

Update to HP Photo Creations build 5162, which includes **ContentMan.dll** version 1.0.0.5162.
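To confirm the update took effect on a host, the following added example (not part of the original advisory or of HP's software) looks for copies of **ContentMan.dll** and compares each file version with the fixed version 1.0.0.5162 named above. The search roots and the function name `Get-ContentManStatus` are assumptions, since the advisory does not give an install path.

```powershell
# Added example: audit ContentMan.dll against the fixed version from the advisory.
param(
    # Assumption: candidate install locations. The advisory gives no path,
    # so pass -SearchRoot explicitly if the product lives elsewhere.
    [string[]]$SearchRoot = @($env:ProgramFiles, ${env:ProgramFiles(x86)},
                              $env:ProgramData, $env:LOCALAPPDATA)
)

# Fixed ContentMan.dll version stated in the Resolution section.
$FixedVersion = [version]'1.0.0.5162'

function Get-ContentManStatus {
    param([string[]]$Root)

    # Skip empty or missing roots (e.g. ProgramFiles(x86) on 32-bit Windows).
    $roots = $Root | Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
             Select-Object -Unique

    foreach ($r in $roots) {
        Get-ChildItem -LiteralPath $r -Filter 'ContentMan.dll' -File -Recurse `
                      -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Build the version from the numeric parts; the FileVersion string
            # can contain free text and is not reliable for comparison.
            $vi  = $_.VersionInfo
            $ver = New-Object System.Version($vi.FileMajorPart, $vi.FileMinorPart,
                                             $vi.FileBuildPart, $vi.FilePrivatePart)
            # A DLL with no version resource reads as 0.0.0.0 and is reported
            # as below the fixed version, so it gets reviewed by hand.
            [pscustomobject]@{
                Path        = $_.FullName
                FileVersion = $ver
                Status      = if ($ver -lt $FixedVersion) { 'BelowFixedVersion' }
                              else { 'FixedOrLater' }
            }
        }
    }
}

$results = @(Get-ContentManStatus -Root $SearchRoot)
if ($results.Count -eq 0) {
    Write-Output 'No ContentMan.dll found under the given search roots.'
} else {
    $results | Format-Table -AutoSize
}

# Non-zero exit code lets fleet tooling flag hosts that still need the update.
if ($results | Where-Object { $_.Status -eq 'BelowFixedVersion' }) { exit 1 }
```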

References

<http://secunia.com/advisories/42770/>

Limitations

The exploit works on HP Photo Creative 2.0, and the user must load the exploit page in Internet Explorer 7.

Platforms

Windows