Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5289

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2007-5289
Last Modified 03 Mar 2009 01:40:11
Published 24 Feb 2009 12:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2007-5289

Summary

HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD_80, and then setting the file's properties to read-only.

Vulnerable Systems

Application

  • Hp Mercury Quality Center 8.0

  • Hp Mercury Quality Center 8.2

  • Hp Mercury Quality Center 9.0

  • Hp Mercury Quality Center 9.2

  • Hp Testdirector -


References

CERT-VN - VU#898865

XF - hpqualitycenter-workflowscripts-sec-bypass(48860)

BID - 33854

BUGTRAQ - 20090224 Re: HP Quality Center vulnerability

BUGTRAQ - 20090223 HP Quality Center vulnerability

SECUNIA - 34046

SECUNIA - 34015

MISC - http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/


Last Updated: 27 May 2016 10:46:08