On Mon, 23 Feb 2009 info@xxxxxxxxxxxxx wrote: > The front-end of the application is composed of COM components that plug > into the web browser. [...] > In order to optimize the interaction speed of the application, a cache > folder is created on the client machine. [...] Indeed, those files are > required on the client machine because the workflow is execute on the > client, not on the server. [...] > If a user modifies this file and then mark it as read-only, he can > execute arbitrary code. As the OTA API allows access to the database, he > can also modify the data stored in the database as follows: You say you can execute arbitrary code on your computer (under your own account)? What an amazing exploit! (pun intended) Any client-server application depending on the client side not being messed with by its user is *broken by design*. It does not matter whether the messing in question is easy (like putting a VB script in the right directory) or difficult (like attaching a debugger to a running process and flipping bits in its memory space). > Please note that HP has released a patch that fixes this issue, please > contact HP support for further details. I wonder what kind of fix has been released. Does anyone think they solved the REAL problem? -- Pavel Kankovsky aka Peak / Jeremiah 9:21 \ "For death is come up into our MS Windows(tm)..." \ 21th century edition /
