HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability

2013-09-30T00:00:00
ID SAINT:99E2F5629DC190350535E1207AE8212E
Type saint
Reporter SAINT Corporation
Modified 2013-09-30T00:00:00

Description

Added: 09/30/2013
CVE: CVE-2013-2368
BID: 61436
OSVDB: 95639

Background

HP LoadRunner is a software performance testing solution. HP LoadRunner includes the **micWebAjax** ActiveX control.

Problem

HP LoadRunner before 11.52 is vulnerable to remote code execution because the NotifyEvent method in the **micWebAjax.dll** ActiveX control fails to sanitize user-supplied input. A remote attacker who persuades a user to open a crafted page can cause stack corruption, which could lead to arbitrary code execution in the context of the web browser.

Resolution

Upgrade to HP LoadRunner 11.52 or newer.

References

<http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03862772>

Limitations

Exploit works on HP LoadRunner 11.50 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).

The user must open the exploit in Internet Explorer 8 or 9.

Platforms

Windows