CVE-2007-5289

high

Description

HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD_80, and then setting the file's properties to read-only.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/48860

http://www.securityfocus.com/bid/33854

http://www.securityfocus.com/archive/1/501219/100/0/threaded

http://www.securityfocus.com/archive/1/501177/100/0/threaded

http://www.kb.cert.org/vuls/id/898865

http://secunia.com/advisories/34046

http://secunia.com/advisories/34015

http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/

Details

Source: Mitre, NVD

Published: 2009-02-24

Updated: 2026-04-23

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.08683