CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Percentile: 99.1%
Added: 10/21/2009
CVE: CVE-2009-3693
BID: 36550
HP LoadRunner is a software performance testing solution. HP LoadRunner includes the XUpload.ocx ActiveX control for performing file exchanges.
The **MakeHttpRequest** method in the XUpload.ocx ActiveX control can be used to download arbitrary files without any user confirmation. This can be used to store malicious commands on the system when a user loads an attacker’s web page, leading to command execution.
Set the kill bit for Class ID E87F6C8E-16C0-11D3-BEF7-009027438003 as described in Microsoft Knowledge Base Article 240797.
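One way to apply and verify that kill bit from an elevated PowerShell prompt, as an added example that is not part of the original advisory. It assumes the standard Internet Explorer kill-bit location (the `ActiveX Compatibility` key, `Compatibility Flags` value, flag `0x400`); the function names and the `$AuditOnly` switch are hypothetical.

```powershell
# Added example: set and verify the IE kill bit for the XUpload.ocx control.
$Clsid     = '{E87F6C8E-16C0-11D3-BEF7-009027438003}'  # Class ID from this advisory
$KillBit   = 0x400                                     # kill bit flag (KB 240797)
$ValueName = 'Compatibility Flags'
$AuditOnly = $false    # hypothetical switch: $true reports state without writing

# Native registry view plus the 32-bit view used by 32-bit IE on 64-bit Windows.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-CompatFlags {
    param([string]$Root)
    $key = Join-Path $Root $Clsid
    # Missing key or value yields $null, which casts to 0 (no flags set).
    $raw = (Get-ItemProperty -LiteralPath $key -Name $ValueName `
            -ErrorAction SilentlyContinue).$ValueName
    return [int]$raw
}

function Set-KillBit {
    param([string]$Root)
    $key = Join-Path $Root $Clsid
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }
    # OR the kill bit in so flags already present on the control are preserved.
    $new = (Get-CompatFlags -Root $Root) -bor $KillBit
    New-ItemProperty -LiteralPath $key -Name $ValueName -PropertyType DWord `
        -Value $new -Force | Out-Null
}

foreach ($root in $Roots) {
    # Skip a view that does not exist on this OS (e.g. Wow6432Node on 32-bit).
    if (-not (Test-Path -LiteralPath $root)) { continue }
    if (-not $AuditOnly) { Set-KillBit -Root $root }

    $flags = Get-CompatFlags -Root $root
    $state = if (($flags -band $KillBit) -eq $KillBit) { 'SET' } else { 'NOT SET' }
    '{0}: flags=0x{1:X8}, kill bit {2}' -f $root, $flags, $state
}
```

Internet Explorer reads these flags when it instantiates a control, so restart any open browser windows before relying on the reported state.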
<http://secunia.com/advisories/36898>
Exploit works on HP LoadRunner 9.5 and requires a user to load the exploit page in Internet Explorer 6 or 7.
After the user loads the exploit page, the exploit will succeed only after the user logs in again or reboots the system.
Windows