Vulnerability Details CVE-2007-5289
HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD_80, and then setting the file's properties to read-only.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.145
EPSS Ranking 94.2%
CVSS Severity
CVSS v2 Score 7.6
References
- http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/
- http://secunia.com/advisories/34015
- http://secunia.com/advisories/34046
- http://www.kb.cert.org/vuls/id/898865
- http://www.securityfocus.com/archive/1/501177/100/0/threaded
- http://www.securityfocus.com/archive/1/501219/100/0/threaded
- http://www.securityfocus.com/bid/33854
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48860
- http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/
- http://secunia.com/advisories/34015
- http://secunia.com/advisories/34046
- http://www.kb.cert.org/vuls/id/898865
- http://www.securityfocus.com/archive/1/501177/100/0/threaded
- http://www.securityfocus.com/archive/1/501219/100/0/threaded
- http://www.securityfocus.com/bid/33854
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48860
Products affected by CVE-2007-5289
-
cpe:2.3:a:hp:mercury_quality_center:-
-
cpe:2.3:a:hp:mercury_quality_center:8.0
-
cpe:2.3:a:hp:mercury_quality_center:8.2
-
cpe:2.3:a:hp:mercury_quality_center:9.0
-
cpe:2.3:a:hp:mercury_quality_center:9.0_build_9.1.0.4352
-
cpe:2.3:a:hp:testdirector:-