Added: 01/26/2012
CVE: CVE-2011-4786
BID: 51396
OSVDB: 78306
HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers.
HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The **CacheDocumentXMLWithId**
method from the **XMLCacheMgr**
class in the HP Easy Printer **HPTicketMgr.dll**
ActiveX Control (2.7.2.0) is vulnerable to directory traversal and arbitrary write. A remote attacker could leverage this vulnerability to execute code in the context of the Internet Explorer web browser.
HP has discontinued this product and therefore has no patch or upgrade that fixes this problem. HP recommends uninstalling this software as soon as possible. If the Easy Printer Care software is not uninstalled, HP recommends setting the kill bit for the vulnerable ActiveX control Class identifier (CLSID) {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9} as explained in Microsoft’s knowledge base article KB240797.
<http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02949847>
<http://www.zerodayinitiative.com/advisories/ZDI-12-013/>
This exploit has been tested on HP Easy Printer Care 2.5.5.165 on Microsoft Windows XP SP3 English (DEP OptIn).
The user must open the exploit file in Internet Explorer 7 or 8.
Windows