HP Instant Support HPISDataManager.dll ActiveX Control < 220.127.116.11 Vulnerabilities
High Nessus Plugin ID 33095
SynopsisThe remote Windows host has several ActiveX controls that are affected by multiple vulnerabilities.
DescriptionThe remote host contains several ActiveX controls in HP Instant Support HPISDataManager.dll, a web-based diagnostic tool from Hewlett-Packard.
The version of the controls installed on the remote host reportedly are affected by several issues. If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, this method could be used to execute arbitrary code by means of buffer overflows or to execute delete, download, and write to arbitrary files on the affected system, all subject to the user's privileges.
SolutionUpgrade to HP Instant Support version 18.104.22.168 or later.