4 matches found
CVE-2011-4789
CVE-2011-4789 describes a stack-based buffer overflow in HP LoadRunner 11.00 before patch 4, via a crafted packet size to magentservice.exe, enabling remote code execution. HP notes the vulnerable product is actually LoadRunner (not Diagnostics Server). Public listings and advisories (ZDI-12-016)...
CVE-2011-0892
CVE-2011-0892 affects HP Diagnostics 7.5x and 8.0x (pre-8.05.54.225). The vulnerability is a remote cross-site scripting (XSS) issue that could let attackers inject arbitrary script/HTML via unknown vectors. HP published a fix: upgrade to HP Diagnostics 8.05 and apply patch version 8.05.54.225. C...
CVE-2016-8522
CVE-2016-8522 concerns a cross-site scripting (XSS) vulnerability in HPE Diagnostics. Multiple sources confirm the affected product is HPE Diagnostics/HP Diagnostics Server, with vulnerable versions specifically cited as 9.24 IP1, 9.26, and 9.26IP1. The root cause is an XSS condition in the web-f...
CVE-2016-8521
CVE-2016-8521 concerns a remote clickjacking vulnerability in HP Diagnostics Server. The affected versions are HPE Diagnostics 9.24 IP1, 9.26, and 9.26IP1. The provided documents identify a clickjacking issue impacting HP Diagnostics but do not include concrete exploit details, root‑cause analysi...