Critical severity9.8NVD Advisory· Published Oct 11, 2017· Updated May 13, 2026

CVE-2017-5789

Description

HPE LoadRunner before 12.53 Patch 4 and HPE Performance Center before 12.53 Patch 4 allow remote attackers to execute arbitrary code via unspecified vectors. At least in LoadRunner, this is a libxdrutil.dll mxdr_string heap-based buffer overflow.

Affected products

HP/Loadrunner
cpe:2.3:a:hp:loadrunner:*:*:*:*:*:*:*:*
Range: <=12.53
HP/Performance Center
cpe:2.3:a:hp:performance_center:*:*:*:*:*:*:*:*
Range: <=12.53

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/101224nvdThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/96774nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038028nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038029nvdThird Party AdvisoryVDB Entry
www.zerodayinitiative.com/advisories/ZDI-17-160/nvdThird Party AdvisoryVDB Entry
h20566.www2.hpe.com/hpsc/doc/public/displaynvdVendor Advisory
www.tenable.com/security/research/tra-2017-13nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.027
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000