ID CVE-2013-4798
Summary Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705.
References
Vulnerable Configurations
  • HP Loadrunner 11.51
    cpe:2.3:a:hp:loadrunner:11.51
  • HP Loadrunner 11.50
    cpe:2.3:a:hp:loadrunner:11.50
  • HP Loadrunner 11.0.0.0
    cpe:2.3:a:hp:loadrunner:11.0.0.0
  • HP Loadrunner 9.0.0
    cpe:2.3:a:hp:loadrunner:9.0.0
  • HP Loadrunner 9.50.0
    cpe:2.3:a:hp:loadrunner:9.50.0
  • HP Loadrunner 9.51
    cpe:2.3:a:hp:loadrunner:9.51
  • HP Loadrunner 9.52
    cpe:2.3:a:hp:loadrunner:9.52
CVSS
Base: 10.0 (as of 29-07-2013 - 10:46)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution. CVE-2013-4798. Remote exploit for windows platform
id EDB-ID:28083
last seen 2016-02-03
modified 2013-09-04
published 2013-09-04
reporter metasploit
source https://www.exploit-db.com/download/28083/
title HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
metasploit via4
description This module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary.
id MSF:EXPLOIT/WINDOWS/BROWSER/HP_LOADRUNNER_WRITEFILESTRING
last seen 2019-03-15
modified 2017-07-24
published 2013-08-29
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/hp_loadrunner_writefilestring.rb
title HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
packetstorm via4
data source https://packetstormsecurity.com/files/download/123086/hp_loadrunner_writefilestring.rb.txt
id PACKETSTORM:123086
last seen 2016-12-05
published 2013-09-04
reporter juan vazquez
source https://packetstormsecurity.com/files/123086/HP-LoadRunner-lrFileIOService-ActiveX-WriteFileString-Remote-Code-Execution.html
title HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
refmap via4
bid 61443
hp
  • HPSBGN02905
  • SSRT101074
osvdb 95642
xf hp-loadrunner-cve20134798-code-exec(85958)
saint via4
bid 61443
description HP LoadRunner lrFileIOService ActiveX WriteFileString Method Traversal Vulnerability
id misc_mercuryloadrunnerver
osvdb 95642
title hp_loadrunner_lrfileioservice_writefilestring_traversal
type client
Last major update 22-08-2013 - 02:54
Published 29-07-2013 - 09:59
Last modified 28-08-2017 - 21:33
Back to Top