316 matches found
CVE-2016-4384
CVE-2016-4384 applies to HPE LoadRunner and HP Performance Center prior to version 12.50. The vulnerability is a remote denial-of-service caused by improper handling of malformed packets in the mchan.dll component. Several connected sources (NVD entry, Nessus plugins) confirm a remote DoS impact ...
CVE-2016-4384
HPE Performance Center before 12.50 and LoadRunner before 12.50 allow remote attackers to cause a denial of service via unspecified vectors...
HP LoadRunner Controller Scenario File Stack Buffer Overflow (CVE-2015-5426)
A stack-based buffer overflow vulnerability exists in HP LoadRunner Controller. The vulnerability is due to insufficient boundary checks while parsing scenario files. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted ".lrs" files with the...
HPE LoadRunner Shared Memory Name Construction RCE
The Hewlett Packard Enterprise HPE LoadRunner application running on the remote host is affected by a stack-based buffer overflow condition in mchan.dll, when constructing a shared memory file name, due to improper validation of the size of a user-supplied string. An unauthenticated, remote...
HPE LoadRunner Virtual Table Server import_csv Remote File Deletion DoS
The Hewlett Packard Enterprise HPE LoadRunner Virtual Table Server application running on the remote host is affected by a flaw in the importcsv feature due to a failure to restrict file paths sent to an unlink call. An unauthenticated, remote attacker can exploit this to delete arbitrary files o...
HP LoadRunner 11.52 / 12.00 / 12.01 / 12.02 / 12.50 Multiple Vulnerabilities
The version of HP LoadRunner installed on the remote Windows host is 11.52, 12.00, 12.01, 12.02, or 12.50, without the HPSBGN03609 hotfix. It is, therefore, affected by multiple vulnerabilities : - An overflow condition exists in mchan.dll due to a failure to validate the size of a user-supplied...
CVE-2016-4361
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers ...
CVE-2016-4361
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers ...
CVE-2016-4360
web/admin/data.js in the Performance Center Virtual Table Server VTS component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through...
CVE-2016-4359
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through...
CVE-2016-4359
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through...
Design/Logic Flaw
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers ...
Code injection
web/admin/data.js in the Performance Center Virtual Table Server VTS component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through...
Stack overflow
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through...
CVE-2016-4360
The CVE-2016-4360 issue affects Hewlett Packard Enterprise LoadRunner/Performance Center components (notably the Virtual Table Server import_csv feature). The root cause is that web/admin/data.js in the VTS component does not restrict file paths sent to unlink, enabling an unauthenticated remote ...
CVE-2016-4359
CVE-2016-4359 involves a stack-based buffer overflow in mchan.dll of HPE LoadRunner/Performance Center. The flaw occurs when constructing a shared memory/file name or processing a long -server_name value, allowing an unauthenticated attacker to remotely execute arbitrary code. Affected products i...
CVE-2016-4360
web/admin/data.js in the Performance Center Virtual Table Server VTS component in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through...
CVE-2016-4361
HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through patch 2, and 12.50 through patch 1 allow remote attackers ...
CVE-2016-4361
CVE-2016-4361 affects HP LoadRunner and HP Performance Center. Multiple components (e.g., magentservice.exe) are vulnerable to remote denial of service via malformed requests (xdr_string handling) or related malformed packets, allowing a remote attacker to crash the service. Affected products/ver...
CVE-2016-4359
Stack-based buffer overflow in mchan.dll in the agent in HPE LoadRunner 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.02 through patch 2, and 12.50 through patch 3 and Performance Center 11.52 through patch 3, 12.00 through patch 1, 12.01 through patch 3, 12.20 through...