Vulnerability CVE-2011-1205


Published: 2011-03-29   Modified: 2012-02-13

Description:
Multiple buffer overflows in unspecified COM objects in Rational Common Licensing 7.0 through 7.1.1.4 in IBM Rational ClearCase 7.0.0.4 through 7.1.1.4, ClearQuest 7.0.0.4 through 7.1.1.4, and other products allow local users to gain privileges via a Trojan horse HTML document in the My Computer zone.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:L/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.9/10
10/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
IBM -> Rational clearcase 
IBM -> Rational clearquest 
IBM -> Rational common licensing 

 References:
http://xforce.iss.net/xforce/xfdb/66324
http://xforce.iss.net/xforce/xfdb/66304
http://www.vupen.com/english/advisories/2011/0832
http://www.securitytracker.com/id?1025269
http://www.securitytracker.com/id?1025268
http://www.ibm.com/support/docview.wss?uid=swg21470998

Copyright 2024, cxsecurity.com

 

Back to Top