- Description
- Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:mercury_quality_center:8.2:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA438217-B2C1-4391-9CFE-A902F01F1C0E"
},
{
"criteria": "cpe:2.3:a:hp:mercury_quality_center:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C357686A-D5A5-439A-A14A-FF5B53F0CCEF"
}
],
"operator": "OR"
}
]
}
]