11 matches found
CVE-2010-1549
CVE-2010-1549 affects HP LoadRunner Agent (Windows) prior to v9.50 and HP Performance Center prior to v9.50. The vulnerability lies in the magentproc.exe TCP service (port 54345) where a crafted, unauthenticated packet can trigger remote code execution (context: SYSTEM). Publicly documented explo...
CVE-2016-4359
CVE-2016-4359 involves a stack-based buffer overflow in mchan.dll of HPE LoadRunner/Performance Center. The flaw occurs when constructing a shared memory/file name or processing a long -server_name value, allowing an unauthenticated attacker to remotely execute arbitrary code. Affected products i...
CVE-2017-14359
CVE-2017-14359 describes a cross-site scripting vulnerability in HPE Performance Center 12.20 . The issue arises from the product failing to filter user-submitted input, enabling a remote attacker to execute script code in the context of an affected web interface. Connected documents corroborate ...
CVE-2016-4360
The CVE-2016-4360 issue affects Hewlett Packard Enterprise LoadRunner/Performance Center components (notably the Virtual Table Server import_csv feature). The root cause is that web/admin/data.js in the VTS component does not restrict file paths sent to unlink, enabling an unauthenticated remote ...
CVE-2017-8953
CVE-2017-8953 describes a remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center v12.53 and earlier. The root cause is improper input filtering of user-submitted content, allowing attacker-controlled input to be reflected in a vulnerable co...
CVE-2016-4361
CVE-2016-4361 affects HP LoadRunner and HP Performance Center. Multiple components (e.g., magentservice.exe) are vulnerable to remote denial of service via malformed requests (xdr_string handling) or related malformed packets, allowing a remote attacker to crash the service. Affected products/ver...
CVE-2017-5789
CVE-2017-5789 affects HP LoadRunner (before 12.53 Patch 4) and HP Performance Center (before 12.53 Patch 4). The root cause is a heap‑based buffer overflow in the libxdrutil.dll mxdr_string function, due to insufficient validation of user data length. This leads to remote code execution without a...
CVE-2015-6857
CVE-2015-6857 affects HP LoadRunner’s Virtual Table Server (VTS). The vulnerability enables remote code execution in VTS via unauthenticated access, with HP/Nessus/ZDI references detailing concrete vectors: HP LoadRunner VTS running 11.52, 12.00, 12.01, 12.02, or 12.50 is exploitable through a re...
CVE-2016-4384
CVE-2016-4384 applies to HPE LoadRunner and HP Performance Center prior to version 12.50. The vulnerability is a remote denial-of-service caused by improper handling of malformed packets in the mchan.dll component. Several connected sources (NVD entry, Nessus plugins) confirm a remote DoS impact ...
CVE-2016-8512
CVE-2016-8512 concerns a remote code execution in all versions of HP LoadRunner and Performance Center via the MMS protocol. The connected sources identify a buffer overflow/RCE in the MMS handling (MMS Protocol Buffer Overflow) that can be exploited remotely by an unauthenticated attacker to exe...
CVE-2016-4382
CVE-2016-4382 affects HP/HPE Performance Center versions 11.52, 12.00, 12.01, 12.20 and 12.50. The issue allows remote attackers to bypass intended access restrictions via unspecified vectors due to a “remote user validation failure.” Exploitation is described as remote, but concrete attack vecto...