Vulnerability Description
Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Groove | Virtual Office | All versions |
| Hp | Loadrunner | All versions |
| Persits | Xupload | 2.1.0.1 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=full-disclosure&m=119863639428564&w=2Exploit
- http://osvdb.org/39901
- http://secunia.com/advisories/28145Vendor Advisory
- http://secunia.com/advisories/28205Vendor Advisory
- http://secunia.com/advisories/28218Vendor Advisory
- http://www.securityfocus.com/bid/27025Exploit
- http://www.securitytracker.com/id?1019147
- http://www.vupen.com/english/advisories/2007/4310
- http://marc.info/?l=full-disclosure&m=119863639428564&w=2Exploit
- http://osvdb.org/39901
- http://secunia.com/advisories/28145Vendor Advisory
- http://secunia.com/advisories/28205Vendor Advisory
- http://secunia.com/advisories/28218Vendor Advisory
- http://www.securityfocus.com/bid/27025Exploit
- http://www.securitytracker.com/id?1019147
FAQ
What is CVE-2007-6530?
CVE-2007-6530 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remot...
How severe is CVE-2007-6530?
CVE-2007-6530 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6530?
Check the references section above for vendor advisories and patch information. Affected products include: Groove Virtual Office, Hp Loadrunner, Persits Xupload.