From Secunia:
Description:
A vulnerability has been reported in HP Mercury Quality Center, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to a boundary error within the SPIDERLib.Loader ActiveX control (Spider90.ocx) installed by HP Mercury Quality Center. This can be exploited to cause a stack-based buffer overflow by setting the “ProgColor” property to an overly long string.
Successful exploitation allows execution of arbitrary code when visiting a malicious website.
The vulnerability reportedly affects version 8.2 SP1 and 9.0.
Solution:
Apply patches.
[tags]HO Mercury, Buffer Overflow, Vulnerability[/tags]
