TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
References
Configurations
History
21 Nov 2024, 00:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640 - | |
References | () http://secunia.com/advisories/28490 - | |
References | () http://securitytracker.com/id?1019193 - | |
References | () http://www.securityfocus.com/bid/27295 - | |
References | () http://www.tibco.com/mk/advisory.jsp - | |
References | () http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt - | |
References | () http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt - | |
References | () http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt - | |
References | () http://www.vupen.com/english/advisories/2008/0173 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/39707 - |
Information
Published : 2008-01-16 03:00
Updated : 2024-11-21 00:38
NVD link : CVE-2007-5657
Mitre link : CVE-2007-5657
CVE.ORG link : CVE-2007-5657
JSON object : View
Products Affected
tibco
- ems_server
- smartsockets_rtserver
- enterprise_message_service
- rtworks
CWE
CWE-20
Improper Input Validation