Remote Code Execution Vulnerability in HP LoadRunner by HP
CVE-2011-0272

Currently unrated

Key Information:

Vendor: HP
Status: Loadrunner
Vendor: CVE Published:; 18 January 2011

Summary

An unspecified vulnerability in HP LoadRunner version 9.52 can be exploited by remote attackers to execute arbitrary code through malicious network traffic directed at TCP ports 5001 or 5002. This issue is specifically tied to the application's HttpTunnel feature, which, when compromised, allows unauthorized actions on the affected systems. It is crucial for users of this product to apply the necessary security updates to mitigate the risk.

References

http://secunia.com/advisories/42898

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/64659

vdb-entryx_refsource_XF

http://securitytracker.com/id?1024956

vdb-entryx_refsource_SECTRACK

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 18, 2011
Vulnerability Reserved
Dec 23, 2010