CVE-2007-5656

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641
http://secunia.com/advisories/28490
http://securitytracker.com/id?1019193
http://www.securityfocus.com/bid/27293	Patch
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
http://www.vupen.com/english/advisories/2008/0173
https://exchange.xforce.ibmcloud.com/vulnerabilities/39708
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641
http://secunia.com/advisories/28490
http://securitytracker.com/id?1019193
http://www.securityfocus.com/bid/27293	Patch
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
http://www.vupen.com/english/advisories/2008/0173
https://exchange.xforce.ibmcloud.com/vulnerabilities/39708

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tibco:enterprise_message_service:4.0.0:::::::*
	cpe:2.3:a:tibco:enterprise_message_service:4.1.0:::::::*
	cpe:2.3:a:tibco:enterprise_message_service:4.2.0:::::::*
	cpe:2.3:a:tibco:enterprise_message_service:4.3.0:::::::*
	cpe:2.3:a:tibco:enterprise_message_service:4.4.0:::::::*
	cpe:2.3:a:tibco:enterprise_message_service:4.4.1:::::::*
	cpe:2.3:a:tibco:rtworks::::::::
	cpe:2.3:a:tibco:smartsockets_rtserver::::::::

History

21 Nov 2024, 00:38

Type	Values Removed	Values Added
References	~~() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641 -~~	() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641 -
References	~~() http://secunia.com/advisories/28490 -~~	() http://secunia.com/advisories/28490 -
References	~~() http://securitytracker.com/id?1019193 -~~	() http://securitytracker.com/id?1019193 -
References	~~() http://www.securityfocus.com/bid/27293 - Patch~~	() http://www.securityfocus.com/bid/27293 - Patch
References	~~() http://www.tibco.com/mk/advisory.jsp -~~	() http://www.tibco.com/mk/advisory.jsp -
References	~~() http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt -~~	() http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt -
References	~~() http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt -~~	() http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt -
References	~~() http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt -~~	() http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt -
References	~~() http://www.vupen.com/english/advisories/2008/0173 -~~	() http://www.vupen.com/english/advisories/2008/0173 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/39708 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/39708 -

Information

Published : 2008-01-16 03:00

Updated : 2024-11-21 00:38

NVD link : CVE-2007-5656

Mitre link : CVE-2007-5656

CVE.ORG link : CVE-2007-5656

JSON object : View

Products Affected

tibco

smartsockets_rtserver
enterprise_message_service
rtworks

CWE

CWE-399

Resource Management Errors

10.0 /10