HP PKI ActiveX Control Denial of Service Vulnerability
BID:51341
Info
HP PKI ActiveX Control Denial of Service Vulnerability
| Bugtraq ID: | 51341 |
| Class: | Unknown |
| CVE: |
CVE-2012-6501 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 10 2012 12:00AM |
| Updated: | Jan 16 2013 06:00PM |
| Credit: | Parvez Anwar |
| Vulnerable: |
HP PKI ActiveX Control 1.1.0.6 |
| Not Vulnerable: |
HP PKI ActiveX Control 1.2.0.1 |
Discussion
HP PKI ActiveX Control Denial of Service Vulnerability
HP PKI ActiveX Control is prone to a denial-of-service vulnerability.
Successful exploits will allow the attacker to kill other legitimate processes in the context of the application (typically Internet Explorer) which use the affected ActiveX control, and also cause denial-of-service conditions.
HP PKI ActiveX Control 1.1.0.6 is vulnerable.
HP PKI ActiveX Control is prone to a denial-of-service vulnerability.
Successful exploits will allow the attacker to kill other legitimate processes in the context of the application (typically Internet Explorer) which use the affected ActiveX control, and also cause denial-of-service conditions.
HP PKI ActiveX Control 1.1.0.6 is vulnerable.
Exploit / POC
HP PKI ActiveX Control Denial of Service Vulnerability
Attackers can exploit this issue by tricking a victim into viewing a specially crafted webpage.
Attackers can exploit this issue by tricking a victim into viewing a specially crafted webpage.
Solution / Fix
HP PKI ActiveX Control Denial of Service Vulnerability
Solution:
Reportedly, the vendor has released an update to address the issue. Please contact the vendor for more information.
Solution:
Reportedly, the vendor has released an update to address the issue. Please contact the vendor for more information.