CVE-2013-4837 - Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote atta

CVE-2013-4837

Summary

Unspecified vulnerability in Virtual User Generator in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1832.

References

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03969437

Vulnerable Configurations

cpe:2.3:a:hp:loadrunner:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:9.50.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:9.50.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:9.51:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:9.51:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:9.52:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:9.52:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:11.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:11.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:11.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:11.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:-:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:11.51:*:*:*:*:*:*:*
cpe:2.3:a:hp:loadrunner:11.51:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 09-10-2019 - 23:08)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

hp	HPSBMU02935 SSRT101191

saint via4

bid	63475
description	HP LoadRunner Virtual User Generator EmulationAdmin service directory traversal
id	misc_mercuryloadrunnerver
osvdb	99231
title	hp_loadrunner_emulationadmin_trav
type	remote

Last major update

09-10-2019 - 23:08

Published

04-11-2013 - 16:55

Last modified

09-10-2019 - 23:08