Intrusion Prevention

Persists.XUpload.ActiveX.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in Persists Software's XUpload.
There is a buffer overflow vulnerability in the "AddFolder()" method of the XUpload control. It allows a remote attacker to execute arbitrary code via a crafted web page.

Affected Products

Persits XUpload 2.1 1
HP LoadRunner 9.0 0
HP LoadRunner 8.1 0
Groove Networks Virtual Office 3.1.1 2390

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patches for this issue.

CVE References

CVE-2008-0492 CVE-2007-6530