CVE Vulnerability

CVE-2007-1819

Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument
http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument
http://www.kb.cert.org/vuls/id/589097 US Government Resource
http://securitytracker.com/id?1017835
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497
http://www.securityfocus.com/bid/23239
http://secunia.com/advisories/24692
http://www.vupen.com/english/advisories/2007/1185 Vendor Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872
https://exchange.xforce.ibmcloud.com/vulnerabilities/33353
Configurations

Configuration 1

cpe:2.3:a:hp:mercury_quality_center:9.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:mercury_quality_center:8.2:sp1:*:*:*:*:*:*
Information

Published : 2007-04-02 11:19

Updated : 2017-07-29 01:31

NVD link : CVE-2007-1819

Mitre link : CVE-2007-1819

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer