IBM Rational ClearQuest ActiveX Control Buffer Overflow Vulnerability
Versions 7.1.1 through 18.104.22.168, 8.0, and 22.214.171.124.
A vulnerability was reported in IBM Rational ClearQuest. A remote user can cause arbitrary code to be executed on the target user's system.
The vulnerability is caused due to a function prototype mismatch in the "RegisterSchemaRepoFromFileByDbSet()" function in the IBM Rational ClearQuest ActiveX control (cqole.dll). This can be exploited to cause a heap-based buffer overflow by tricking a user into visiting a malicious website.
Successful exploitation may allow execution of arbitrary code.
The vendor has issued a fix (ClearQuest version: 126.96.36.199, 188.8.131.52, 184.108.40.206).