HP Operations Manager SourceView ActiveX LoadFile / SaveFile Stack Overflows
High Nessus Plugin ID 45593
SynopsisThe remote Windows host has an ActiveX control that is susceptible to buffer overflow attacks.
DescriptionThe SourceView ActiveX control, a component of HP Operations Manager, installed on the remote Windows host reportedly is affected by buffer overflows that can be triggered by passing specially crafted Unicode strings to the 'LoadFile' or 'SaveFile' methods.
If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, he can leverage this issue to execute arbitrary code on the affected system subject to the user's privileges.
SolutionApply the appropriate patch referenced in HP's advisory.