Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3338

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-3338
Last Modified 07 Mar 2011 10:10:37
Published 13 Aug 2008 06:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3338

Summary

Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0 through 10.6.2 and 11.0.0; and Mainframe Service Tracker before 1.1.0 might allow remote attackers to execute arbitrary code via a crafted message.

Vulnerable Systems

Application

  • Tibco Hawk 4.6.0

  • Tibco Hawk 4.6.1

  • Tibco Hawk 4.7

  • Tibco Hawk 4.8.0

  • Tibco Iprocess Engine 10.3.0

  • Tibco Iprocess Engine 10.3.1

  • Tibco Iprocess Engine 10.3.2

  • Tibco Iprocess Engine 10.3.3

  • Tibco Iprocess Engine 10.3.4

  • Tibco Iprocess Engine 10.3.5

  • Tibco Iprocess Engine 10.4

  • Tibco Iprocess Engine 10.4.1

  • Tibco Iprocess Engine 10.5

  • Tibco Iprocess Engine 10.6

  • Tibco Iprocess Engine 10.6.0

  • Tibco Iprocess Engine 10.6.1

  • Tibco Iprocess Engine 10.6.2

  • Tibco Iprocess Engine 11.0

  • Tibco Mainframe Service Tracker 1.0

  • Tibco Runtime Agent 5.3

  • Tibco Runtime Agent 5.4.0

  • Tibco Runtime Agent 5.5.4


References

XF - tibcohawk-amiclibrary-hawkhma-bo(44604)

VUPEN - ADV-2008-2448

CONFIRM - http://www.tibco.com/resources/mk/hawk_security_advisory_20080729.txt

BID - 30836

SECUNIA - 31618


Last Updated: 27 May 2016 10:48:10