Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6530

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-6530
Last Modified 07 Mar 2011 10:03:07
Published 27 Dec 2007 05:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6530

Summary

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.

Vulnerable Systems

Application

  • Groove Virtual Office

  • Hp Loadrunner

  • Persits Xupload 2.1.0.1


References

VUPEN - ADV-2007-4310

BID - 27025

SECUNIA - 28218

SECUNIA - 28205

SECUNIA - 28145

OSVDB - 39901

FULLDISC - 20071225 Persits Software XUpload.ocx Buffer Overflow

SECTRACK - 1019147


Last Updated: 27 May 2016 10:46:31