HP LoadRunner XUpload ActiveX control MakeHttpRequest file download

Added: 10/21/2009 CVE: CVE-2009-3693 BID: 36550 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the XUpload.ocx ActiveX control for performing file exchanges. Problem The MakeHttpRequest method in the XUpload.ocx ActiveX control can be used to download...

CVE-2009-3693

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control XUpload.ocx in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. backwards slash dot dot sequences in the third argument to the MakeHttpRequest method...

Directory traversal

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control XUpload.ocx in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. backwards slash dot dot sequences in the third argument to the MakeHttpRequest method...

CVE-2009-3693

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control XUpload.ocx in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via .. backwards slash dot dot sequences in the third argument to the MakeHttpRequest method...

HP LoadRunner 9.5 remote file creation PoC

Exploit for unknown platform in category dos / poc ========================================== HP LoadRunner 9.5 remote file creation PoC ========================================== Title: HP LoadRunner 9.5 remote file creation PoC CVE-ID: OSVDB-ID: Author: Pyrokinesis Published: 2009-09-29 Verifie...