HP Software Update HPeDiag: Disclosure of Information and Execution of Arbitrary Code

Users of HP Software Update HPeDiag please be advised of a Disclosure of Information and Execution of Arbtrary Code vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

HPSBGN02333 SSRT080031 rev.2: HP Software Update HPeDiag, Disclosure of Information and Execution of Arbitrary Code
VULNERABILITY SUMMARY

A potential vulnerability has been identified with the HPeDiag ActiveX control which is a component of HP Software Update running under windows. The vulnerability could be exploited to allow remote disclosure of information and execution of arbitrary code.Read more at http://www.criticalwatch.com
 

Advertisements