CVE-2009-3693

Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://retrogod.altervista.org/9sg_hp_loadrunner.html	Exploit
http://secunia.com/advisories/36898	Vendor Advisory
http://retrogod.altervista.org/9sg_hp_loadrunner.html	Exploit
http://secunia.com/advisories/36898	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:persits:xupload:2.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:loadrunner:9.5:*:*:*:*:*:*:*

History

21 Nov 2024, 01:07

Type	Values Removed	Values Added
References	~~() http://retrogod.altervista.org/9sg_hp_loadrunner.html - Exploit~~	() http://retrogod.altervista.org/9sg_hp_loadrunner.html - Exploit
References	~~() http://secunia.com/advisories/36898 - Vendor Advisory~~	() http://secunia.com/advisories/36898 - Vendor Advisory

Information

Published : 2009-10-13 10:30

Updated : 2024-11-21 01:07

NVD link : CVE-2009-3693

Mitre link : CVE-2009-3693

CVE.ORG link : CVE-2009-3693

JSON object : View

Products Affected

hp

loadrunner

persits

xupload

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2009-3693", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-10-13T10:30:00.717", "references": [{"url": "http://retrogod.altervista.org/9sg_hp_loadrunner.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/36898", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://retrogod.altervista.org/9sg_hp_loadrunner.html", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/36898", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \\.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en el control Vulnerabilidad de salto de directorio en (XUpload.ocx) en HP LoadRunner v9.5 permite a atacantes remotos crear archivos a su elecci\u00f3n a trav\u00e9s de la secuencia \\.. (barra invertida punto punto) en el tercer argumento en el m\u00e9todo MakeHttpRequest."}], "lastModified": "2024-11-21T01:07:58.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:persits:xupload:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F151EAF-714D-4E3E-BBCF-26D416865D4B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:loadrunner:9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11C140E6-D09F-4B81-A1E0-F7661855FC5D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}