CVE-2011-0272

Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/70432
http://secunia.com/advisories/42898	Vendor Advisory
http://securitytracker.com/id?1024956
http://www.securityfocus.com/archive/1/515682
http://www.securityfocus.com/bid/45792
http://www.vupen.com/english/advisories/2011/0095	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64659

Configurations

Configuration 1 (hide)

cpe:2.3:a:hp:loadrunner:9.52:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-01-18 18:03

Updated : 2024-02-28 11:41

NVD link : CVE-2011-0272

Mitre link : CVE-2011-0272

CVE.ORG link : CVE-2011-0272

JSON object : View

Products Affected

hp

loadrunner

CWE

NVD-CWE-noinfo

{"id": "CVE-2011-0272", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-01-18T18:03:08.317", "references": [{"url": "http://osvdb.org/70432", "source": "hp-security-alert@hp.com"}, {"url": "http://secunia.com/advisories/42898", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "http://securitytracker.com/id?1024956", "source": "hp-security-alert@hp.com"}, {"url": "http://www.securityfocus.com/archive/1/515682", "source": "hp-security-alert@hp.com"}, {"url": "http://www.securityfocus.com/bid/45792", "source": "hp-security-alert@hp.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0095", "tags": ["Vendor Advisory"], "source": "hp-security-alert@hp.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64659", "source": "hp-security-alert@hp.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature."}, {"lang": "es", "value": "Vulnerabilidad no especificada en HP LoadRunner v9.52 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de tr\u00e1fico de red al puerto TCP 5001 o 5002, relacionado con la caracter\u00edstica HttpTunnel."}], "lastModified": "2017-08-17T01:33:25.697", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hp:loadrunner:9.52:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77B188D2-A07C-427E-BDFB-DB95655CD87B"}], "operator": "OR"}]}], "sourceIdentifier": "hp-security-alert@hp.com"}