SECUNIA ADVISORY ID: SA25624

VERIFY ADVISORY: http://secunia.com/advisories/25624/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE: HP Help and Support Center 4.x - http://secunia.com/product/14525/

DESCRIPTION: HP has acknowledged a vulnerability in Help and Support Center, which can be exploited by malicious people to compromise a user's system.



The vulnerability is caused due to an unspecified buffer overflow condition, which can be exploited to read or write files on a vulnerable system when a user e.g. visits a malicious website. The vulnerability is reported in versions prior to 4.4 C.

SOLUTION: Update to version 4.4 C. - ftp://ftp.hp.com/pub/softpaq/sp35501-36000/sp35567.exe

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://h10025.www1.hp.com/ewfrf/wc/genericSoftwareDownloadIndex?cc=us&dlc=en&lc=en&softwareitem=ob-48738-1&jumpid=reg_R1002_USEN