HP Mercury Quality Center (QC) 9.2 and previous versions, and possibly TestDirector, rely on cached client-side scripts to implement "workflow" and decisions about the "capability" of a user, which allows remote malicious users to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\TD_80, and then setting the file's properties to read-only.
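A client-side audit for the condition described above, as an added example that is not part of the advisory or any HP tooling: it reports which of the six cached workflow scripts in `%tmp%\TD_80` carry the read-only attribute. The function names are hypothetical, and resolving `%tmp%` through the `TMP` environment variable is an assumption.

```python
import os
import stat
import tempfile

# File names and cache directory come from the advisory text.
WORKFLOW_SCRIPTS = ("common.tds", "defects.tds", "manrun.tds",
                    "req.tds", "testlab.tds", "testplan.tds")


def default_cache_dir():
    """Return %tmp%\\TD_80 for the current user (assumption: TMP is set)."""
    return os.path.join(os.environ.get("TMP", tempfile.gettempdir()), "TD_80")


def audit_cache(cache_dir):
    """Return [(script, finding)] for cached workflow scripts worth review.

    "read-only" is the file state the advisory names for a tampered script.
    A missing directory or missing script yields no finding.
    """
    findings = []
    if not os.path.isdir(cache_dir):
        return findings
    # Windows file names are case-insensitive, so match on lower case.
    present = {name.lower(): name for name in os.listdir(cache_dir)}
    for script in WORKFLOW_SCRIPTS:
        name = present.get(script)
        if name is None:
            continue
        mode = os.stat(os.path.join(cache_dir, name)).st_mode
        if not stat.S_ISREG(mode):
            findings.append((script, "not a regular file"))
        elif not mode & stat.S_IWUSR:
            # On Windows the read-only attribute clears this bit.
            findings.append((script, "read-only"))
    return findings


if __name__ == "__main__":
    for script, finding in audit_cache(default_cache_dir()):
        print(f"{script}: {finding}")
```

A read-only finding is a prompt to compare the cached script with the server's copy, not proof of tampering on its own.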
Vulnerable Product |
---|
hp mercury quality center 8.2 |
hp mercury quality center 8.0 |
hp testdirector - |
hp mercury quality center |
hp mercury quality center 9.0 |