Detections
Analytics

TestDirector (TD) for Mercury Quality Center SPIDERLib.Loader ActiveX Control (Spider90.ocx) ProgColor Property Overflow (2)

high Nessus Plugin ID 24910

Synopsis

The remote web server hosts an ActiveX control that is affected by a buffer overflow vulnerability.

Description

The remote host is running Mercury Quality Center, a web-based solution for automatic software testing.

The version of Quality Center installed on the remote host hosts an ActiveX control affected by a buffer overflow vulnerability and will serve up a copy of that control if a connecting client does not have the control or has an older version of it. In this way, the remote host could be used as a vector for propagating the control, which might then be exploited remotely to execute arbitrary code on other hosts.

Solution

Apply the appropriate patch referenced in the vendor advisory above to the Quality Control server on the remote host.

See Also

http://www.nessus.org/u?aa0d77e4

https://seclists.org/fulldisclosure/2007/Apr/66

http://www.nessus.org/u?2f05a7e0

http://www.securityfocus.com/advisories/12180

Plugin Details

Severity: High

ID: 24910

File Name: mercury_qc_activex_progcolor_overflow2.nasl

Version: 1.15

Type: local

Family: CGI abuses

Published: 4/3/2007

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/2/2007

Vulnerability Publication Date: 4/2/2007

Exploitable With

CANVAS (D2ExploitPack)

Metasploit (HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow)

Reference Information

CVE: CVE-2007-1819

BID: 23239