CVE-2008-0492

Persits XUpload 3.0.0.4 - Stack-based Buffer Overflow via AddFile Method

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2008-0492. PoCs published by Metasploit, Elazar, jduck, including Metasploit module exploits/windows/browser/hp_loadrunner_addfile.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in Persits XUpload ActiveX control (version 3.0.0.3) via the AddFile method. It delivers a payload through a malicious HTML page, leveraging SEH overwrite for arbitrary code execution.

Description

Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to the AddFile method. NOTE: some of these details are obtained from third party information.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16576

This exploit targets a stack buffer overflow in Persits XUpload ActiveX control (version 3.0.0.3) via the AddFile method. It delivers a payload through a malicious HTML page, leveraging SEH overwrite for arbitrary code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Persits XUpload ActiveX (3.0.0.3) / HP LoadRunner 9.5
No auth needed
Prerequisites: Victim must visit a malicious web page using Internet Explorer with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Elazar · htmlremotewindows
https://www.exploit-db.com/exploits/4987

This is a buffer overflow exploit targeting Persits XUpload 3.0 via the AddFile() method. It uses a heap spray technique to execute shellcode, with two payloads (calc.exe and a bind shell) encoded in Alpha2 format.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Persits XUpload 3.0 (xupload.ocx 3.0.0.4)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6 · Persits XUpload 3.0 ActiveX control must be installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/hp_loadrunner_addfile.rb

This Metasploit module exploits a stack buffer overflow in Persits XUpload ActiveX control (version 3.0.0.3) by passing an overly long string to the AddFile method, allowing arbitrary code execution. It uses SEH overwrite techniques and delivers the payload via an HTML page with embedded JavaScript.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Persits XUpload ActiveX control 3.0.0.3 (included in HP LoadRunner 9.5)
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39967
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28660
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0315
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4987
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27456

Scores

EPSS 0.2952
EPSS Percentile 97.9%

Details

CWE
CWE-119
Status published
Products (1)
persits/xupload 3.0
Published Jan 30, 2008
Tracked Since Feb 18, 2026