CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Percentile: 99.7%
Added: 05/30/2012
CVE: CVE-2012-0708
BID: 53170
OSVDB: 81443
Rational ClearQuest is an enterprise workflow automation tool. It functions as a bug tracking tool and can act as a CRM or process tracker.
The ClearQuest web client installs ActiveX modules on the client system. These modules are usable by any website that the user visits. The RegisterSchemaRepoFromFileByDbSe method of the CLEARQUEST.SESSION ActiveX object does not properly sanitize its parameters. Passing an overly long parameter will result in an exploitable heap overflow condition.
Upgrade to version 7.1.1.9, 7.1.2.6, or 8.0.0.2, or higher.
<http://www-01.ibm.com/support/docview.wss?uid=swg21591705>
This exploit has been tested against IBM Rational ClearQuest 7.1.2 on Windows XP SP3 English (DEP OptIn) using Internet Explorer 7.
Windows