3 matches found
CVE-2009-3693
CVE-2009-3693 involves a directory traversal in Persits.XUpload.2 ActiveX control (XUpload.ocx) shipped with HP LoadRunner 9.5. The flaw arises in the MakeHttpRequest method, where sequences like "..\" can cause arbitrary files to be created on the target. Public details describe this as a write-...
CVE-2007-6530
CVE-2007-6530 : Buffer overflow in Persits Software XUpload ActiveX control (AddFolder method) allows remote code execution via a long argument. Affected: XUpload 2.1.0.1 and likely earlier versions (pre-3.0). Products listed in description include HP Mercury LoadRunner and Groove Virtual Office....
CVE-2008-0492
CVE-2008-0492 affects the Persits XUpload ActiveX control (XUpload.ocx 3.0.0.4 and earlier). A stack-based buffer overflow is triggered by a long argument to the AddFile method, allowing remote code execution. The CVSS notes a network vector, no authentication, and partial impact to confidentiali...