HP.LoadRunner.XUpload.MakeHttpRequest.ActiveX.Control.Access
Description
This indicates an attack attempt against an arbitrary file download and execute vulnerability in HP LoadRunner.
The vulnerability is caused by an error when the Persits.XUpload ActiveX control handles a specially crafted web page. It allows a remote attacker to overwrite credential files on the target system.
Affected Products
HP Mercury LoadRunner Agent 9.5
Impact
System Compromise
Security Bypass
Recommended Actions
Set the kill bit for the CLSID {E87F6C8E-16C0-11D3-BEF7-009027438003}.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |