4 matches found
CVE-2017-5789
CVE-2017-5789 affects HP LoadRunner (before 12.53 Patch 4) and HP Performance Center (before 12.53 Patch 4). The root cause is a heap‑based buffer overflow in the libxdrutil.dll mxdr_string function, due to insufficient validation of user data length. This leads to remote code execution without a...
CVE-2017-5789
HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdrstring heap-based buffer overflow...
HPE LoadRunner and Performance Center libxdrutil.dll mxdr_string Heap Buffer Overflow (CVE-2017-5789)
A heap buffer overflow vulnerability exists in HP LoadRunner and Performance Center. The vulnerability is due to insufficient validation of the length of XDR encoded string. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable...
HPE LoadRunner < 12.53 Patch 4 libxdrutil.dll mxdr_string() RCE
The version of HP LoadRunner installed on the remote Windows host is prior to 12.53 patch 4. It is, therefore, affected by a remote code execution vulnerability due to a heap-based buffer overflow condition in the mxdrstring function in libxdrutil.dll. An unauthenticated, remote attacker can...