Vulnerability Details : CVE-2013-4800
Public exploit exists!
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.
Vulnerability category: Execute code
Products affected by CVE-2013-4800
- cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:9.52:*:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:11.50:*:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:11.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:9.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:9.50.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:loadrunner:9.51:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-4800
96.97%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2013-4800
-
HP LoadRunner magentproc.exe Overflow
Disclosure Date: 2013-07-27First seen: 2020-04-26exploit/windows/misc/hp_loadrunner_magentprocThis module exploits a stack buffer overflow in HP LoadRunner before 11.52. The vulnerability exists on the LoadRunner Agent Process magentproc.exe. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. Authors: - Unknown - juan
CVSS scores for CVE-2013-4800
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2013-4800
-
http://www.zerodayinitiative.com/advisories/ZDI-13-169
ZDI-13-169 | Zero Day Initiative
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/85960
HP LoadRunner SSL connection buffer overflow CVE-2013-4800 Vulnerability Report
-
http://packetstormsecurity.com/files/123533
HP LoadRunner magentproc.exe Overflow ≈ Packet Storm
-
http://www.securityfocus.com/bid/61446
HP LoadRunner CVE-2013-4800 Remote Code Execution Vulnerability
-
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03862772
HP Support for Technical Help and Troubleshooting | HP® Customer Service.Vendor Advisory
Jump to