SAINT CorporationSAINT:8EE5A889EEBF53E0A740F00862F5E234IBM Rational ClearQuest CQOle ActiveX
0.953 High
EPSS
Percentile
99.4%
Added: 05/30/2012
CVE: CVE-2012-0708
BID: 53170
OSVDB: 81443
Background
Rational ClearQuest is an enterprise workflow automation tool. It functions as a bug tracking tool and can act as a CRM or process tracker.
Problem
The ClearQuest web client installs ActiveX modules on the client system. These modules are usable by any website that the user visits. The RegisterSchemaRepoFromFileByDbSe method of the CLEARQUEST.SESSION ActiveX object does not properly sanitize its parameters. Passing an overly long parameter will result in an exploitable heap overflow condition.
Resolution
Upgrade to version 7.1.1.9, 7.1.2.6, or 8.0.0.2, or higher.
References
<http://www-01.ibm.com/support/docview.wss?uid=swg21591705>
Limitations
This exploit has been tested against IBM Rational ClearQuest 7.1.2 on Windows XP SP3 English (DEP OptIn) using Internet Explorer 7.
Platforms
Windows
Related
