CVE-2007-1819

HP Mercury Quality Center - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16580

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by ri0t · perlremotewindows

https://www.exploit-db.com/exploits/3661

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/hpmqc_progcolor.rb

View Code ZIP pw:eip

References (10)

[Vendor Advisory] http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872

[Various Sources] http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument

[US Government Resource] http://www.kb.cert.org/vuls/id/589097

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/1185

[Various Sources] http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/23239

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/33353

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1017835

[Third Party Advisory] http://secunia.com/advisories/24692

[Third Party Advisory] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497

Scores

EPSS 0.7767

EPSS Percentile 99.0%

Details

CWE

CWE-119

Status published

Products (2)

hp/mercury_quality_center 8.2 sp1

hp/mercury_quality_center 9.0

Published Apr 02, 2007

Tracked Since Feb 18, 2026