Vulnerability Details CVE-2011-4789
Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the vulnerable product is actually HP LoadRunner."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.796
EPSS Ranking 99.0%
CVSS Severity
CVSS v2 Score 10.0
References
- http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03216705
- http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03216705
- http://osvdb.org/78309
- http://www.securityfocus.com/bid/51398
- http://zerodayinitiative.com/advisories/ZDI-12-016/
- http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03216705
- http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03216705
- http://osvdb.org/78309
- http://www.securityfocus.com/bid/51398
- http://zerodayinitiative.com/advisories/ZDI-12-016/
Products affected by CVE-2011-4789
-
cpe:2.3:a:hp:diagnostics:9.24
-
cpe:2.3:a:hp:diagnostics:9.26