CVE-2007-1819

Description

Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.

References

Link	Tags
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872	vendor advisory
http://www.vupen.com/english/advisories/2007/1185	vdb entry vendor advisory
http://securitytracker.com/id?1017835	vdb entry
http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument
http://secunia.com/advisories/24692	third party advisory
http://www.kb.cert.org/vuls/id/589097	third party advisory us government resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/33353	vdb entry
http://www.securityfocus.com/bid/23239	vdb entry
http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497	third party advisory

Frequently Asked Questions

What is the severity of CVE-2007-1819?: CVE-2007-1819 has been scored as a critical severity vulnerability.
How to fix CVE-2007-1819?: To fix CVE-2007-1819, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2007-1819 being actively exploited in the wild?: It is possible that CVE-2007-1819 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~76% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

References

Frequently Asked Questions