|Date: (C)2007-12-27 (M)2015-12-16|| |
Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 18.104.22.168, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.
|CVSS Score: 9.3||Access Vector: NETWORK|
|Exploit Score: 8.6||Access Complexity: MEDIUM|
|Impact Score: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|