Lucene search
K

4 matches found

Zero Day Initiative
Zero Day Initiative
added 2012/06/28 12:0 a.m.80 views

IBM Rational ClearQuest CQOle ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Rational ClearQuest. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CQOl...

7.5CVSS3.7AI score0.3095EPSS
Exploits10References1
Tenable Nessus
Tenable Nessus
added 2012/05/29 12:0 a.m.71 views

IBM Rational ClearQuest 7.1.1.x < 7.1.1.9 / 7.1.2.x < 7.1.2.6 / 8.0.0.x < 8.0.0.2 Multiple Vulnerabilities (credentialed check)

The remote host is running a version of IBM Rational ClearQuest 7.1.1.x prior to 7.1.1.9 / 7.1.2.x prior to 7.1.2.6 / 8.0.0.x prior to 8.0.0.2 installed. It is, therefore, affected by the following vulnerabilities : - A SQL injection vulnerability exists in the ClearQuest Maintenance tool when...

9.3CVSS6.5AI score0.3095EPSS
Exploits10References4
Prion
Prion
added 2012/04/22 6:55 p.m.29 views

Heap overflow

Heap-based buffer overflow in the Ole API in the CQOle ActiveX control in cqole.dll in IBM Rational ClearQuest 7.1.1 before 7.1.1.9, 7.1.2 before 7.1.2.6, and 8.0.0 before 8.0.0.2 allows remote attackers to execute arbitrary code via a crafted web page that leverages a...

9.3CVSS8.3AI score0.3095EPSS
Exploits10References6Affected Software1
CVE
CVE
added 2012/04/22 6:0 p.m.156 views

CVE-2012-0708

CVE-2012-0708 is an in-application heap-based buffer overflow in the CQOle ActiveX control (cqole.dll) of IBM Rational ClearQuest. The overflow arises from a function prototype mismatch in RegisterSchemaRepoFromFileByDbSet, enabling remote code execution on Windows if CQOle DLLs are installed and...

9.3CVSS7.8AI score0.3095EPSS
Exploits10References6Affected Software1
Rows per page
Query Builder