CVE-2011-4789

critical HPE
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
78.5%
Exploitation probability in 30 days
Top 1% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: January 13, 2012 (5235 days ago)
Last Modified: April 29, 2026
Vendor: HPE
Source: NVD

Description

Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the vulnerable product is actually HP LoadRunner."

CWE

CWE-119

Affected Products

hp diagnostics

References

🔗 h20565.www2.hp.com 🔗 osvdb.org 🔗 www.securityfocus.com 🔗 zerodayinitiative.com 🔗 h20565.www2.hp.com