Hewlett-Packard Company Information for VU#461321
HP Virtual Rooms ActiveX control fails to restrict access to dangerous methods
- Vendor Information Help Date Notified: 01 Oct 2008
- Statement Date:
- Date Updated: 09 Jun 2009
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
This issue is addressed with the HP Virtual Rooms client 7.01. This update sets the kill bit for the vulnerable version of the ActiveX control, while providing an updated version with a different CLSID. Please see the HP Virtual Rooms 7.01 release notice for more details. This control is also disabled in Internet Explorer with the update for Microsoft Security Advisory (969898).
If you have feedback, comments, or additional information about this vulnerability, please send us email.