Lucene search
AnonymousEDB-ID:37643HistoryAug 27, 2012 - 12:00 a.m.
IBM Rational ClearQuest 8.0 - Multiple Vulnerabilities
2012-08-2700:00:00
anonymous
www.exploit-db.com
49
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/55125/info
IBM Rational ClearQuest is prone to the following security vulnerabilities:
1. An HTML-injection vulnerability.
2. Multiple information-disclosure vulnerabilities.
3. A security-bypass vulnerability.
Attackers may leverage these issues to obtain potentially sensitive session information, bypass certain security restrictions, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, or control how the site is rendered to the user; other attacks are also possible.
The following versions are affected:
IBM Rational ClearQuest 7.1.x through versions 7.1.2.7
IBM Rational ClearQuest 8.x through versions 8.0.0.3
https://www.example.com/snoop
https://www.example.com/hello
https://www.example.com/ivt/
https://www.example.com/hitcount
https://www.example.com/HitCount.jsp
https://www.example.com/HelloHTMLError.jsp
https://www.example.com/HelloHTML.jsp
https://www.example.com/HelloVXMLError.jsp
https://www.example.com/HelloVXML.jsp
https://www.example.com/HelloWMLError.jsp
https://www.example.com/HelloWML.jsp
https://www.example.com/cqweb/j_security_check Related
ibm
ibm
Security Bulletin: ClearQuest Web leftover scripts (CVE-2012-0744)
2018-06-17 04:39:04
prion
prion
Design/Logic Flaw
2012-08-17 20:55:00
nessus
nessus
openvas
openvas
IBM Rational ClearQuest Multiple Information Disclosure Vulnerabilities
2013-06-03 00:00:00
IBM Rational ClearQuest Multiple Information Disclosure Vulnerabilities
2013-06-03 00:00:00
cvelist
cvelist
CVE-2012-0744
2012-08-17 20:00:00
nvd
nvd
CVE-2012-0744
2012-08-17 20:55:01
cve
cve
CVE-2012-0744
2012-08-17 20:55:01