Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-0708
HistoryApr 22, 2012 - 6:55 p.m.

CVE-2012-0708

2012-04-2218:55:03
CWE-119
[email protected]
web.nvd.nist.gov
122
cve-2012-0708
buffer overflow
ole api
cqole activex control
ibm rational clearquest
security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.961 High

EPSS

Percentile

99.5%

JSON

Heap-based buffer overflow in the Ole API in the CQOle ActiveX control in cqole.dll in IBM Rational ClearQuest 7.1.1 before 7.1.1.9, 7.1.2 before 7.1.2.6, and 8.0.0 before 8.0.0.2 allows remote attackers to execute arbitrary code via a crafted web page that leverages a RegisterSchemaRepoFromFileByDbSet function-prototype mismatch.

Affected configurations

NVD
Node
ibmrational_clearquestMatch7.1.1
OR
ibmrational_clearquestMatch7.1.1.1
OR
ibmrational_clearquestMatch7.1.1.2
OR
ibmrational_clearquestMatch7.1.1.3
OR
ibmrational_clearquestMatch7.1.1.4
Node
ibmrational_clearquestMatch7.1.2
OR
ibmrational_clearquestMatch7.1.2.1
OR
ibmrational_clearquestMatch7.1.2.2
OR
ibmrational_clearquestMatch7.1.2.3
OR
ibmrational_clearquestMatch7.1.2.4
OR
ibmrational_clearquestMatch7.1.2.5
OR
ibmrational_clearquestMatch7.1.2.6
Node
ibmrational_clearquestMatch8.0.0
OR
ibmrational_clearquestMatch8.0.0.1

Related

nvd 1
zdi 1
saint 4
packetstorm 1
seebug 1
checkpoint_advisories 1
d2 1
ibm 1
prion 1
cvelist 1
nessus 1
nvd
nvd
CVE-2012-0708
2012-04-22 18:55:03
zdi
zdi
IBM Rational ClearQuest CQOle ActiveX Control Remote Code Execution Vulnerability
2012-06-28 00:00:00
saint
saint
IBM Rational ClearQuest CQOle ActiveX
2012-05-30 00:00:00
IBM Rational ClearQuest CQOle ActiveX
2012-05-30 00:00:00
IBM Rational ClearQuest CQOle ActiveX
2012-05-30 00:00:00
packetstorm
packetstorm
IBM Rational ClearQuest CQOle Remote Code Execution
2012-07-03 00:00:00
seebug
seebug
IBM Rational ClearQuest 'cqole.dll' ActiveX ζŽ§δ»Άε †ηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž(CVE-2012-0708)
2012-07-04 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM Rational ClearQuest CQOle ActiveX Code Execution (CVE-2012-0708)
2012-07-02 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_CLEARQUEST
2012-04-22 18:55:00
ibm
ibm
Security Bulletin: Rational ClearQuest CQOle ActiveX Control Remote Execution Vulnerability (CVE-2012-0708)
2018-06-17 04:36:55
prion
prion
Heap overflow
2012-04-22 18:55:00
cvelist
cvelist
CVE-2012-0708
2012-04-22 18:00:00
nessus
nessus
IBM Rational ClearQuest 7.1.1.x < 7.1.1.9 / 7.1.2.x < 7.1.2.6 / 8.0.0.x < 8.0.0.2 Multiple Vulnerabilities (credentialed check)
2012-05-29 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.961 High

EPSS

Percentile

99.5%

JSON
Related for CVE-2012-0708
nvd1zdi1saint4packetstorm1seebug1checkpoint_advisories1d21ibm1prion1cvelist1nessus1