Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5656

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-5656
Last Modified 07 Mar 2011 10:01:05
Published 15 Jan 2008 10:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5656

Summary

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.

Vulnerable Systems

Application

  • Tibco Enterprise Message Service 4.0.0

  • Tibco Enterprise Message Service 4.1.0

  • Tibco Enterprise Message Service 4.2.0

  • Tibco Enterprise Message Service 4.3.0

  • Tibco Enterprise Message Service 4.4.0

  • Tibco Enterprise Message Service 4.4.1

  • Tibco Rtworks 4.0.3

  • Tibco Smartsockets Rtserver 6.8.0


References

BID - 27293

VUPEN - ADV-2008-0173

CONFIRM - http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt

CONFIRM - http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt

CONFIRM - http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt

CONFIRM - http://www.tibco.com/mk/advisory.jsp

IDEFENSE - 20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities

XF - tibco-rtserver-loop-code-execution(39708)

SECTRACK - 1019193

SECUNIA - 28490


Last Updated: 27 May 2016 10:46:14