Vulnerability Details : CVE-2012-0708
Public exploit exists!
Heap-based buffer overflow in the Ole API in the CQOle ActiveX control in cqole.dll in IBM Rational ClearQuest 7.1.1 before 7.1.1.9, 7.1.2 before 7.1.2.6, and 8.0.0 before 8.0.0.2 allows remote attackers to execute arbitrary code via a crafted web page that leverages a RegisterSchemaRepoFromFileByDbSet function-prototype mismatch.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2012-0708
96.55%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2012-0708
-
IBM Rational ClearQuest CQOle Remote Code Execution
Disclosure Date: 2012-05-19First seen: 2020-04-26exploit/windows/browser/clear_quest_cqoleThis module exploits a function prototype mismatch on the CQOle ActiveX control in IBM Rational ClearQuest < 7.1.1.9, < 7.1.2.6 or < 8.0.0.2 which allows reliable remote code execution when DEP isn't enabled. Authors: - Andrea Micalizzi aka rgod - juan vazquez <
CVSS scores for CVE-2012-0708
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2012-0708
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-0708
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/73492
IBM Rational ClearQuest ActiveX control (cqole.dll) buffer overflow CVE-2012-0708 Vulnerability Report
-
http://www.securityfocus.com/bid/53170
IBM Rational ClearQuest 'cqole.dll' ActiveX Control Heap Buffer Overflow Vulnerability
-
http://www.securitytracker.com/id?1026958
IBM Rational ClearQuest Buffer Overflow in ActiveX Control RegisterSchemaRepoFromFileByDbSet() Function Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://secunia.com/advisories/48933
Sign in
-
http://osvdb.org/81443
-
http://www.ibm.com/support/docview.wss?uid=swg21591705
IBM Security Bulletin: Rational ClearQuest CQOle ActiveX Control Remote Execution Vulnerability (CVE-2012-0708)Vendor Advisory
Products affected by CVE-2012-0708
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:8.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:7.1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_clearquest:8.0.0:*:*:*:*:*:*:*