Heap-based Buffer Overflow in IBM Rational ClearQuest Ole API
CVE-2012-0708

Currently unrated

Key Information:

Vendor

IBM
Status
Rational Clearquest
Vendor
CVE Published:
22 April 2012

What is CVE-2012-0708?

This vulnerability arises from a heap-based buffer overflow in the Ole API within the CQOle ActiveX control found in cqole.dll of IBM Rational ClearQuest. By exploiting a mismatch in the function prototype for RegisterSchemaRepoFromFileByDbSet, remote attackers can craft specially designed web pages that, when accessed, allow for the execution of arbitrary code on the affected systems, potentially compromising the integrity and security of user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1026958
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/73492
vdb-entryx_refsource_XF
http://osvdb.org/81443
vdb-entryx_refsource_OSVDB

EPSS Score

66% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.