Vigil@nce: HP Operations Manager, buffer overflow of srcvw
April 2010 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can create an HTML page using an ActiveX control
installed by HP Operations Manager for Windows, in order to
execute code on the victim’s computer.
– Severity: 2/4
– Creation date: 20/04/2010
– Revision date: 20/04/2010
DESCRIPTION OF THE VULNERABILITY
The HP Operations Manager for Windows product installs the
srcvw4.dll and srcvw32.dll ActiveX controls. They can be called
from a web page.
However, these ActiveX controls do not check the size of the
parameter passed to their LoadFile() and SaveFile() methods, which
creates a buffer overflow.
An attacker can therefore create an HTML page using these ActiveX
controls, in order to execute code on the computers of victims who
display the web page.
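To check whether a Windows host is exposed, the following added example (not part of the Vigil@nce bulletin and not HP's own tooling) lists the COM classes registered against the two DLLs named above and reports whether Internet Explorer's kill bit (Compatibility Flags 0x400) is set for each. The function name is hypothetical, and the CLSIDs are discovered at run time because the bulletin does not list them.

```powershell
# Added example: inventory COM registrations that point at the DLLs named in the
# bulletin and report whether the IE kill bit is set for each discovered CLSID.
$dllNames = 'srcvw4.dll', 'srcvw32.dll'   # file names taken from the bulletin
$killBit  = 0x400                         # "Compatibility Flags" bit that blocks loading in IE

# Check both the native and the 32-bit (WOW6432Node) registry views.
$views = @(
    @{ Clsid  = 'HKLM:\SOFTWARE\Classes\CLSID'
       Compat = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID'
       Compat = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

function Get-SrcvwRegistration {   # hypothetical helper name
    foreach ($view in $views) {
        if (-not (Test-Path $view.Clsid)) { continue }
        foreach ($key in Get-ChildItem -Path $view.Clsid -ErrorAction SilentlyContinue) {
            $inproc = Join-Path $key.PSPath 'InprocServer32'
            if (-not (Test-Path -LiteralPath $inproc)) { continue }
            # The default value of InprocServer32 is the path of the implementing DLL.
            $server = (Get-Item -LiteralPath $inproc).GetValue('')
            if (-not $server) { continue }
            $path = [Environment]::ExpandEnvironmentVariables($server).Trim('"')
            $leaf = Split-Path -Path $path -Leaf
            if ($dllNames -notcontains $leaf) { continue }   # comparison is case-insensitive

            # Look up the kill bit for this CLSID in the matching registry view.
            $compatKey = Join-Path $view.Compat $key.PSChildName
            $flags = 0
            if (Test-Path -LiteralPath $compatKey) {
                $value = (Get-Item -LiteralPath $compatKey).GetValue('Compatibility Flags')
                if ($null -ne $value) { $flags = [int]$value }
            }
            [pscustomobject]@{
                Clsid      = $key.PSChildName
                Server     = $server
                View       = $view.Clsid
                KillBitSet = (($flags -band $killBit) -ne 0)
            }
        }
    }
}

Get-SrcvwRegistration | Format-Table -AutoSize
```

An empty result means neither DLL is registered as an in-process COM server on the host; a row with KillBitSet False is a control that Internet Explorer can still instantiate from a web page.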
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/HP-Operations-Manager-buffer-overflow-of-srcvw-9597