You are here

U-154: IBM Rational ClearQuest ActiveX Control Buffer Overflow Vulnerability

April 24, 2012 - 7:00am

Addthis

PROBLEM:

IBM Rational ClearQuest ActiveX Control Buffer Overflow Vulnerability

PLATFORM:

Versions 7.1.1 through 7.1.2.5, 8.0, and 8.0.0.1.

ABSTRACT:

A vulnerability was reported in IBM Rational ClearQuest. A remote user can cause arbitrary code to be executed on the target user's system.

reference links:

SecurityTracker Alert ID: 1026958
Secunia Advisory SA48933
CVE-2012-0708

IMPACT ASSESSMENT:

High

Discussion:

The vulnerability is caused due to a function prototype mismatch in the "RegisterSchemaRepoFromFileByDbSet()" function in the IBM Rational ClearQuest ActiveX control (cqole.dll). This can be exploited to cause a heap-based buffer overflow by tricking a user into visiting a malicious website.

Impact:

Successful exploitation may allow execution of arbitrary code.

Solution:

The vendor has issued a fix (ClearQuest version: 7.1.1.9, 7.1.2.6, 8.0.0.2).

Addthis