Some vulnerabilities have been reported in HP Instant Support, which potentially can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) Some vulnerabilities are caused due to boundary errors within the "ExtractCab()", "GetFileTime()", "MoveFile()", and "RegistryString()" methods of HPISDataManager.dll. These can be exploited to cause a buffer overflow via an overly long string passed to the affected methods when a user e.g. visits a malicious web page.

2) The HPISDataManager.dll ActiveX contains the insecure methods "AppendStringToFile()", "DownloadFile()", "StartApp()", and "DeleteSingleFile()", which can be exploited to e.g. overwrite, delete, and execute arbitrary files on a user's system and download files into the location of the ActiveX component by tricking a user into visiting a malicious web page.

The vulnerabilities are reported in HP Instant Support HPISDataManager.dll version 1.0.0.22 and earlier.

Solution
Update to version 1.0.0.24. Choose "launch an online diagnostic session" at:
Further details available to Secunia VIM customers

Provided and/or discovered by
Dennis Rand, CSIS Security Research and Intelligence

Changelog
Further details available to Secunia VIM customers

Original Advisory
HPSBMA02326 SSRT071490:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01422264

CSIS Security Research and Intelligence:
http://www.csis.dk/dk/forside/CSIS-RI-0003.pdf

Other references
Further details available to Secunia VIM customers

Alternate/detailed remediation
Further details available in Customer Area

Deep Links
Links available to Secunia VIM customers