27 matches found
EUVD-2007-1876
Malware in sbrugna...
HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow
No description provided by source. $Id: hpmqcprogcolor.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
DSquare Exploit Pack: D2SEC_HPLR
Name| d2sechplr ---|--- CVE| CVE-2010-1549 Exploit Pack| D2ExploitPack Description| HP Mercury LoadRunner Agent Remote Code Execution Vulnerability Notes|...
HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted...
HP Mercury Multiple Products Agent Command Processing Buffer Overflow (CVE-2007-0446)
HP Mercury LoadRunner is a performance and load testing product. LoadRunner consists of three components, a Virtual User Generator, a Controller, and an Analysis module. The Virtual User Generator constructs large number of virtual user clients and generate running script. The Controller runs the...
HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP Mercury Qualit...
CVE-2007-5289
HP Mercury Quality Center QC 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture OTA API, as...
Design/Logic Flaw
HP Mercury Quality Center QC 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture OTA API, as...
CVE-2007-5289
HP Mercury Quality Center QC 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture OTA API, as...
CVE-2007-5289
HP Quality Center (QC) 9.2 and earlier, and possibly TestDirector, caches client-side scripts for workflow logic. An attacker can modify (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD_80, then set the file properties to read-only to ...
HP Mercury SiteScope multiple security vulnerabilities
No description provided...
CVE-2007-6530
Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function...
HP Mercury Quality Center multiple security vulnerabilities
SQL injection, ActiveX buffer overflow...
HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow
This module exploits a stack-based buffer overflow in SPIDERLib.Loader ActiveX control Spider90.ocx 9.1.0.4353 installed by TestDirector TD for Hewlett-Packard Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32. By setting an overly long value to 'ProgColor', an attacker ca...
CVE-2007-1882
qcbin/servlet/tdservlet/TDAPIGeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method...
Sql injection
qcbin/servlet/tdservlet/TDAPIGeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method...
CVE-2007-1882
qcbin/servlet/tdservlet/TDAPIGeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method...
CVE-2007-1882
The CVE-2007-1882 entry affects HP Mercury Quality Center 9.0, build 9.1.0.4352. The vulnerability lies in qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment, where remote authenticated users can execute arbitrary SQL commands via the RunQuery method. Documents confirm the affected component and t...
HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit
No description provided by source. !/usr/bin/perl HP Mercury Quality Center runQuery exploit. Run whatever SQL you want on there db - without SQL injection. Problem is client can do "RunQuery" command os we write program to do this. Client can lots other things it should not also! The backend...
HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit
Exploit for unknown platform in category remote exploits ================================================================= HP Mercury Quality Center Spider90.ocx ProgColor Overflow Exploit ================================================================= !/usr/bin/perl POC exploit for Mercury...