APP: HPE LoadRunner and Performance Center libxdrutil.dll mxdr_string Heap Buffer Overflow

A heap buffer overflow vulnerability exists in HP LoadRunner and Performance Center. Successful exploitation could result in execution of arbitrary code within the context of SYSTEM.

Extended Description

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

Affected Products

Hp performance_center

References

CVE: CVE-2017-5789

Short Name
APP:CVE-2017-5789-OV
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2017-5789 Center HPE Heap LoadRunner Overflow Performance and libxdrutil.dll mxdr_string
Release Date
04/25/2017
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3590
Port
TCP/54345
False Positive
Unknown
Vendors

Hp

CVSS Score

7.5

Found a potential security threat?