CVE-2011-4789

Currently unrated

Key Information:

Vendor: HP
Status: Diagnostics
Vendor: CVE Published:; 13 January 2012

Summary

Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the vulnerable product is actually HP LoadRunner."

References

http://osvdb.org/78309

vdb-entryx_refsource_OSVDB

http://zerodayinitiative.com/advisories/ZDI-12-016/

x_refsource_MISC

http://www.securityfocus.com/bid/51398

vdb-entryx_refsource_BID

EPSS Score

94% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 13, 2012
Vulnerability Reserved
Dec 13, 2011