4 matches found
CVE-2014-2637
HP Sprinter 12.01 is affected by CVE-2014-2637 due to a CopyRange/CopyRangeEx memory corruption vulnerability in the Tidestone Formula One ActiveX controls (TTF16.ocx). The ZDI advisory states this allows remote code execution when a vulnerable installation visits a malicious page or opens a mali...
CVE-2014-2635
Summary: The HP Sprinter vulnerability CVE-2014-2635 (and related CVEs) is a memory corruption/remote code execution issue found in the Tidestone Formula One ActiveX controls shipped with HP Sprinter. The concrete entry details a flaw in the SwapTables method (TTF16.ocx) that can be exploited to ...
CVE-2014-2638
HP Sprinter 12.01 is affected by a remote code execution vulnerability in the Tidestone Formula One ActiveX controls (TTF16.ocx). The root cause is a memory corruption flaw caused by assigning an overly long value to the DefaultFontName property, allowing an attacker to execute arbitrary code in ...
CVE-2014-2636
HP Sprinter 12.01 is affected by CVE-2014-2636 (ZDI-2336) through a memory corruption flaw in the TTF16.ocx AttachToSS control that can allow remote code execution. Exploitation requires user interaction (e.g., visiting a malicious page/file). Impact is remote code execution with the context of t...