14 matches found
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
No description provided by source. $Id: persitsxuploadtraversal.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
No description provided by source. $Id: hploadrunneraddfolder.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and ter...
Persits XUpload ActiveX AddFile Buffer Overflow
No description provided by source. $Id: hploadrunneraddfile.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...
HP LoadRunner 9.0 - ActiveX AddFolder Buffer Overflow (Metasploit)
$Id: hploadrunneraddfolder.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
$Id: persitsxuploadtraversal.rb 7760 2009-12-08 21:24:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Persits XUpload ActiveX AddFile Buffer Overflow
$Id: hploadrunneraddfile.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
This module exploits a directory traversal in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 that's included in HP LoadRunner 9.5. By passing a string containing ".." sequences to the MakeHttpRequest method, an attacker is able to write arbitrary files to arbitrary locations on...
Persits XUpload ActiveX AddFile Buffer Overflow
This module exploits a stack buffer overflow in Persits Software Inc's XUpload ActiveX controlversion 3.0.0.3 thats included in HP LoadRunner 9.5. By passing an overly long string to the AddFile method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...
XUpload ActiveX Control AddFolder Method Buffer Overflow
The remote host contains a version of the XUpload ActiveX control from Persits Software that reportedly is affected by a buffer overflow in its 'AddFolder' method that can be triggered by a long argument. If a remote attacker can trick a user on the affected host into visiting a specially crafted...
Persists Software XUpload ActiveX control buffer overflow
Buffer overflow in AddFolder method...
DSquare Exploit Pack: D2SEC_XUPLOAD
Name| d2secxupload ---|--- CVE| CVE-2007-6530 Exploit Pack| D2ExploitPack Description| Persits Software XUpload ActiveX Stack Overflow Notes|...
CVE-2007-6530
Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function...
Mercury LoadRunner XUpload ActiveX控件缓冲区溢出漏洞
BUGTRAQ ID: CNCAN ID:CNCAN-2007122709 Mercury LoadRunner是一款预测系统行为和性能的负载测试工具。 Mercury LoadRunner包含的XUpload ActiveX控件存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 XUpload ActiveX控件对"AddFolder"方法缺少正确的边界错误,构建恶意的WEB页,诱使用户访问,可触发缓冲区溢出,精心构建提交数据可能以应用程序进程权限执行任意指令。 HP LoadRunner 9.x Mercury LoadRunner 8.x --------...
Groove Virtual Office XUpload ActiveX控件缓冲区溢出漏洞
Groove Virtual Office是一款协同办公处理文档的应用程序。 Groove Virtual Office包含的XUpload ActiveX控件存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 XUpload ActiveX控件对"AddFolder"方法缺少正确的边界错误,构建恶意的WEB页,诱使用户访问,可触发缓冲区溢出,精心构建提交数据可能以应用程序进程权限执行任意指令。 Groove Virtual Office 3.x Office Groove 2007不受此漏洞影响:...