HP LoadRunner 11.52 Buffer Overflow RCE (uncredentialed check)
Critical Nessus Plugin ID 83993
SynopsisThe remote host has a software performance testing application running that is affected by a remote code execution vulnerability.
DescriptionThe version of HP LoadRunner running on the remote host is 11.52, and the file 'two_way_comm.dll' is not patched. It is, therefore, affected by a remote code execution vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.
SolutionApply the patch referenced in the vendor advisory.