Moderately critial flaws affect HP Managed Printing Administration. One of them is a sanitization vulnerability in MPAUploader.Uploader.1.UploadFiles() function. The flaw allows to create arbitrary files via directory traversal. Boundary error was found in MPAUploader.dll3 when parsing „filename“ parameter passed via Default.asp. The vulnerability can be exploited to cause buffer overflow.
Another flaw is present when sanitizing jobDelivery\Default.asp. There’s also one unspecified vulnerability.
Flaws were found in versions prior to 2.6.4. A successful attack allows to execute arbitrary code.

Source: Secunia
23.12.2011