Detections
Analytics

TestDirector (TD) for Mercury Quality Center SPIDERLib.Loader ActiveX Control (Spider90.ocx) ProgColor Property Overflow

high Nessus Plugin ID 24909

Synopsis

The remote Windows host has an ActiveX control that is susceptible to a buffer overflow vulnerability.

Description

The Windows remote host contains an ActiveX control used by Mercury Quality Center, a web-based solution for automatic software testing.

The version of this ActiveX control on the remote host reportedly contains a buffer overflow vulnerability in its 'ProgColor' property.
By setting the property to an overly long value, a remote attacker may be able to leverage this issue to execute arbitrary code on the remote host subject to the privileges of the current user.

Solution

Either remove the control if Quality Center access is not needed or apply the appropriate patch referenced in the vendor advisory above to the Quality Control server and browse the Quality Control server's Site Administration page to update the control on the remote host.

See Also

http://www.nessus.org/u?aa0d77e4

https://seclists.org/fulldisclosure/2007/Apr/66

http://www.nessus.org/u?2f05a7e0

http://www.securityfocus.com/advisories/12180

Plugin Details

Severity: High

ID: 24909

File Name: mercury_qc_activex_progcolor_overflow.nasl

Version: 1.15

Type: local

Agent: windows

Family: Windows

Published: 4/3/2007

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/2/2007

Vulnerability Publication Date: 4/2/2007

Exploitable With

CANVAS (D2ExploitPack)

Metasploit (HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow)

Reference Information

CVE: CVE-2007-1819

BID: 23239