IBM Rational ClearQuest CQOle Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

IBM Rational ClearQuest CQOle - Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

IBM Rational ClearQuest CQOle Remote Code Execution

This module exploits a function prototype mismatch on the CQOle ActiveX control in IBM Rational ClearQuest HttpClients::IE, :uaminver = "6.0", :uamaxver = "7.0", :javascript = true, :osname = OperatingSystems::Match::WINDOWS, :classid = "94773112-72E8-11D0-A42E-00A024DED613", :method =...

IBM Rational ClearQuest CQOle Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

IBM Rational ClearQuest CQOle ActiveX Code Execution (CVE-2012-0708)

A remote code execution vulnerability has been reported in IBM Rational ClearQuest...

IBM Rational ClearQuest CQOle ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Rational ClearQuest. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CQOl...

IBM Rational ClearQuest CQOle ActiveX

Added: 05/30/2012 CVE: CVE-2012-0708 BID: 53170 OSVDB: 81443 Background Rational ClearQuest is an enterprise workflow automation tool. It functions as a bug tracking tool and can act as a CRM or process tracker. Problem The ClearQuest web client installs ActiveX modules on the client system. Thes...

IBM Rational ClearQuest 7.1.1.x < 7.1.1.9 / 7.1.2.x < 7.1.2.6 / 8.0.0.x < 8.0.0.2 Multiple Vulnerabilities (credentialed check)

The remote host is running a version of IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.9 / 7.1.2.x prior to 7.1.2.6 / 8.0.0.x prior to 8.0.0.2 installed. It is, therefore, affected by the following vulnerabilities : - A SQL injection vulnerability exists in the ClearQuest Maintenance tool when...

Heap overflow

Heap-based buffer overflow in the Ole API in the CQOle ActiveX control in cqole.dll in IBM Rational ClearQuest 7.1.1 before 7.1.1.9, 7.1.2 before 7.1.2.6, and 8.0.0 before 8.0.0.2 allows remote attackers to execute arbitrary code via a crafted web page that leverages a...

DSquare Exploit Pack: D2SEC_CLEARQUEST

Name| d2secclearquest ---|--- CVE| CVE-2012-0708 Exploit Pack| D2ExploitPack Description| IBM Rational ClearQuest CQOle ActiveX Code Execution Vulnerability Notes|...

CVE-2012-0708

CVE-2012-0708 is an in-application heap-based buffer overflow in the CQOle ActiveX control (cqole.dll) of IBM Rational ClearQuest. The overflow arises from a function prototype mismatch in RegisterSchemaRepoFromFileByDbSet, enabling remote code execution on Windows if CQOle DLLs are installed and...

CVE-2012-0708

Heap-based buffer overflow in the Ole API in the CQOle ActiveX control in cqole.dll in IBM Rational ClearQuest 7.1.1 before 7.1.1.9, 7.1.2 before 7.1.2.6, and 8.0.0 before 8.0.0.2 allows remote attackers to execute arbitrary code via a crafted web page that leverages a...