Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.
CPE | Name | Operator | Version |
---|---|---|---|
mercury_quality_center | eq | 9.0 | |
mercury_quality_center | eq | 8.2 sp1 |
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872
labs.idefense.com/intelligence/vulnerabilities/display.php?id=497
secunia.com/advisories/24692
securitytracker.com/id?1017835
webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument
webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument
www.kb.cert.org/vuls/id/589097
www.securityfocus.com/bid/23239
www.vupen.com/english/advisories/2007/1185
exchange.xforce.ibmcloud.com/vulnerabilities/33353