CVE-2007-1819

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument", "name": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/cf109e434c7765eac22572a4006c6e94?OpenDocument", "tags": [], "refsource": "MISC"}, {"url": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument", "name": "http://webnotes.merc-int.com/patches.nsf/c4d68388a23535dc422567d0004bbae2/7a0f7f0efc7905fdc225729f004cf387?OpenDocument", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.kb.cert.org/vuls/id/589097", "name": "VU#589097", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://securitytracker.com/id?1017835", "name": "1017835", "tags": [], "refsource": "SECTRACK"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497", "name": "20070402 Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "http://www.securityfocus.com/bid/23239", "name": "23239", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/24692", "name": "24692", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2007/1185", "name": "ADV-2007-1185", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00901872", "name": "SSRT071312", "tags": [], "refsource": "HP"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33353", "name": "hp-mercury-quality-progcolor-bo(33353)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) 9.1.0.4353 in TestDirector (TD) for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-1819", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2007-04-02T23:19Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:hp:mercury_quality_center:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:hp:mercury_quality_center:8.2:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-29T01:31Z"}