HP Instant Support Driver Check HPSDDX Class (SDD) ActiveX (sdd.dll) queryHub Function Overflow

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that is affected by a
buffer overflow issue.

Description :

The remote host contains the SDD ActiveX control, a part of HP Instant
Support.

The version of this control on the remote host is reportedly affected
by a buffer overflow that can be triggered by a long argument to its
'queryHub' method. If an attacker can trick a user on the affected
host into visiting a specially crafted web page, this issue could
be leveraged to execute arbitrary code on the host subject to the
user's privileges.

See also :

http://seclists.org/bugtraq/2007/Jul/16
http://www.nessus.org/u?42a01f91

Solution :

Either disable the use of this ActiveX control from within Internet
Explorer by setting its kill bit, or upgrade it to version 1.5.0.3 or
later as described in the vendor advisory referenced above.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 25655 (hp_instant_support_sdd_activex_overflow.nasl)

Bugtraq ID: 24730

CVE ID: CVE-2007-3554
