CVE-2007-6530

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=full-disclosure&m=119863639428564&w=2	Exploit
http://www.securityfocus.com/bid/27025	Exploit
http://secunia.com/advisories/28145	Vendor Advisory
http://secunia.com/advisories/28205	Vendor Advisory
http://secunia.com/advisories/28218	Vendor Advisory
http://www.securitytracker.com/id?1019147
http://osvdb.org/39901
http://www.vupen.com/english/advisories/2007/4310

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:persits:xupload:2.1.0.1:::::::*
	cpe:2.3:a:groove:virtual_office::::::::
	cpe:2.3:a:hp:loadrunner::::::::

Information

Published : 2007-12-27 14:46

Updated : 2011-03-07 19:03

NVD link : CVE-2007-6530

Mitre link : CVE-2007-6530

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

Products Affected

hp

loadrunner

groove

virtual_office

persits

xupload

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://marc.info/?l=full-disclosure&m=119863639428564&w=2", "name": "20071225 Persits Software XUpload.ocx Buffer Overflow", "tags": ["Exploit"], "refsource": "FULLDISC"}, {"url": "http://www.securityfocus.com/bid/27025", "name": "27025", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/28145", "name": "28145", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/28205", "name": "28205", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/28218", "name": "28218", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1019147", "name": "1019147", "tags": [], "refsource": "SECTRACK"}, {"url": "http://osvdb.org/39901", "name": "39901", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/4310", "name": "ADV-2007-4310", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-6530", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2007-12-27T22:46Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:persits:xupload:2.1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:groove:virtual_office:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-03-08T03:03Z"}