316 matches found
HP LoadRunner - lrFileIOService ActiveX Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Input Validation Error
Added: 08/29/2013 CVE: CVE-2013-2370 BID: 61441 OSVDB: 95640 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Input Validation Error
Added: 08/29/2013 CVE: CVE-2013-2370 BID: 61441 OSVDB: 95640 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
This Metasploit module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileBinary method where user provided data is used as a memory pointer. This Metasploit module has been tested successfully on IE6-IE9 on...
HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Input Validation Error
Added: 08/29/2013 CVE: CVE-2013-2370 BID: 61441 OSVDB: 95640 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...
HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Input Validation Error
Added: 08/29/2013 CVE: CVE-2013-2370 BID: 61441 OSVDB: 95640 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
This module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileBinary method where user provided data is used as a memory pointer. This module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7,...
HP LoadRunner lrLRIServices ActiveX Control Code Execution Vulnerability
The remote host has the HP LoadRunner lrLRIServices ActiveX control installed. The version of the installed control is potentially affected by an arbitrary code execution vulnerability in the handling of input to the output directory mutator. By tricking a user into opening a specially crafted we...
HP LoadRunner < 11.52 SSL Connection Handling Stack Buffer Overflow RCE
Binary data hploadrunnercve-2013-4800.nbin...
Hewlett-Packard LoadRunner lrFileIOService ActiveX Control WriteFileString Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Hewlett-Packard LoadRunner Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XDR. The issue lies in the handling of the length of the XDR-encoded dat...
Hewlett-Packard LoadRunner lrFileIOService ActiveX Control CreateFileCont Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the lrFileIOServic...
Hewlett-Packard LoadRunner LrWebIEBrowserMgr.dll ActiveX Control FlushSnapshotToFile Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Hewlett-Packard LoadRunner micWebAjax.dll ActiveX Control NotifyEvent Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the micWebAjax.dll...
Hewlett-Packard LoadRunner lrLRIServices ActiveX Control SetOutputDirectory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the lrLRIServices...
CVE-2013-2370
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1671...
CVE-2013-4798
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705...
CVE-2013-4801
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1736...
CVE-2013-4797
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1690...