CVE-2007-1819

critical

Description

Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33353

http://www.vupen.com/english/advisories/2007/1185

http://www.securityfocus.com/bid/23239

http://www.kb.cert.org/vuls/id/589097

http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument

http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument

http://securitytracker.com/id?1017835

http://secunia.com/advisories/24692

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872

Details

Source: Mitre, NVD

Published: 2007-04-02

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical