Lucene search
Tenable Network SecurityZDI-17-160HistoryMar 09, 2017 - 12:00 a.m.
Hewlett Packard Enterprise LoadRunner libxdrutil mxdr_string Heap-based Buffer Overflow Remote Code Execution Vulnerability
2017-03-0900:00:00
Tenable Network Security
www.zerodayinitiative.com
13
0.162 Low
EPSS
Percentile
96.0%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the libxdrutil.dll mxdr_string method. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
nessus
nessus
HP Performance Center < 12.53 Patch 4 libxdrutil.dll mxdr_string() RCE
2017-03-22 00:00:00
HPE LoadRunner < 12.53 Patch 4 libxdrutil.dll mxdr_string() RCE
2017-03-22 00:00:00
nvd
nvd
CVE-2017-5789
2017-10-11 21:29:00
openvas
openvas
HPE LoadRunner 'libxdrutil.dll mxdr_string method' RCE Vulnerability
2017-04-25 00:00:00
cve
cve
CVE-2017-5789
2017-10-13 02:00:00
cvelist
cvelist
CVE-2017-5789
2017-10-13 02:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Heap overflow
2017-10-11 21:29:00