HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

This module allows remote attackers to place arbitrary files on a users file system by abusing the "CacheDocumentXMLWithId" method from the "XMLCacheMgr" class in the HP Easy Printer HPTicketMgr.dll ActiveX Control HPTicketMgr.dll 2.7.2.0. Code execution can be achieved by first uploading the...

Design/Logic Flaw

A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4787...

Design/Logic Flaw

A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-2404 and CVE-2011-4786...

CVE-2011-4787

CVE-2011-4787 concerns a vulnerability in HP Easy Printer Care Software prior to or including version 2.5, specifically an ActiveX control in HPTicketMgr.dll. The description states that this control allows remote attackers to download an arbitrary program onto a client machine and execute it via...

HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution

Added: 08/29/2011 CVE: CVE-2011-2404 BID: 49100 OSVDB: 74510 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software HPTicketMgr.dll is vulnerable to directory traversal due to insufficient input validation by the...

HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution

Added: 08/29/2011 CVE: CVE-2011-2404 BID: 49100 OSVDB: 74510 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software HPTicketMgr.dll is vulnerable to directory traversal due to insufficient input validation by the...

HP Easy Printer Care Software HPTicketMgr.dll ActiveX Control Remote Code Execution

Added: 08/29/2011 CVE: CVE-2011-2404 BID: 49100 OSVDB: 74510 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software HPTicketMgr.dll is vulnerable to directory traversal due to insufficient input validation by the...

HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution

$Id: hpeasyprintercarexmlsimpleaccessor.rb 13599 2011-08-20 17:47:03Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

HP Easy Printer Care - XMLSimpleAccessor Class ActiveX Control Remote Code Execution (Metasploit)

$Id: hpeasyprintercarexmlsimpleaccessor.rb 13593 2011-08-20 00:11:22Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Design/Logic Flaw

A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787...

CVE-2011-2404

CVE-2011-2404 affects HP Easy Printer Care Software 2.5 and earlier, via an ActiveX control in HPTicketMgr.dll. It allows remote attackers to download an arbitrary program to a client machine and execute it, via unspecified vectors; this is a separate vulnerability from CVE-2011-4786 and CVE-2011...