Vulnerability Details : CVE-2011-1205
Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document in the My Computer zone.
Products affected by CVE-2011-1205
- cpe:2.3:a:ibm:rational_clearquest:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.0.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearcase:7.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_common_licensing:7.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1205
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 13 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1205
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
CWE ids for CVE-2011-1205
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1205
-
http://www.vupen.com/english/advisories/2011/0832
Webmail | OVH- OVH
-
http://www.securitytracker.com/id?1025269
IBM Rational ClearQuest Licensing Component Lets Local Users Gain Elevated Privileges - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/66304
Vulnerability Report
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/66324
IBM Rational Licensing could allow code execution CVE-2011-1205 Vulnerability Report
-
http://www.securitytracker.com/id?1025268
IBM AppScan Licensing Component Lets Local Users Gain Elevated Privileges - SecurityTracker
-
http://www.ibm.com/support/docview.wss?uid=swg21470998
IBM Security Bulletin: Vulnerability in Rational Licensing could allow code executionVendor Advisory
Jump to