Search criteria
15 vulnerabilities found for smartsockets_rtserver by tibco
FKIE_CVE-2009-1291
Vulnerability from fkie_nvd - Published: 2009-04-30 20:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | enterprise_message_service | * | |
| tibco | enterprise_message_service | 4.0.0 | |
| tibco | enterprise_message_service | 4.1.0 | |
| tibco | enterprise_message_service | 4.2.0 | |
| tibco | enterprise_message_service | 4.3.0 | |
| tibco | enterprise_message_service | 4.4.1 | |
| tibco | enterprise_message_service | 4.4.2 | |
| tibco | rtworks | 4.0.3 | |
| tibco | rtworks | 4.0.4 | |
| tibco | smartsockets | 6.8.0 | |
| tibco | smartsockets | 6.8.1 | |
| tibco | smartsockets_rtserver | * | |
| tibco | smartsockets_rtserver | 6.8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6217FE17-B839-43F5-BE35-F4A01C40DA22",
"versionEndIncluding": "5.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A391F64-B618-4961-942C-109CE548FBB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3811EEE8-ED90-4272-BDC9-9FBB7E2ABC50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72D4BFCE-FD9B-45D8-B23A-B928B86ED2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B14826-B53E-46DC-8AE9-85776867D341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50598050-FAC6-42B6-98E5-D02DF85F1A07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D47D8470-3A41-4A12-95B4-B77A97A2AF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rtworks:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E49B105-E110-4A0B-A93B-B93A956B9A06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rtworks:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "087EFE3D-85C1-4479-B867-AD32A20693A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets:6.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1ABE58C-9AF7-4013-A117-D72FF5991F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets:6.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0823AC2-9E58-4669-9DC0-41A5A93B427B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3B33DD3-A164-4C13-A961-1E66ACB87DDE",
"versionEndIncluding": "6.8.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets_rtserver:6.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73DC7F67-3813-4659-9429-78B93C02385B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via \"inbound data,\" as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en TIBCO SmartSockets antes de v6.8.2, SmartSockets Product Family (alias RTworks) antes de v4.0.5, y Enterprise Message Service (EMS) v4.0.0 hasta v5.1.1, utilizado en SmartSockets Server y RTworks Server (alias RTserver), librerias del cliente SmartSockets y productos con el complemento, \r\nlibrerias y componentes RTworks, EMS Server (alias tibemsd), SmartMQ, iProcess Engine, productos ActiveMatrix, y CA Enterprise Communicator, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de \"inbound data,\" (datos de entrada), como lo demuestran las solicitudes de la interfaz UDP de el componente RTserver, y inyecci\u00f3n de datos en el flujo TCP a tibemsd."
}
],
"id": "CVE-2009-1291",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-30T20:30:00.377",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34911"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1022129"
},
{
"source": "cve@mitre.org",
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34754"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1022129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-5656
Vulnerability from fkie_nvd - Published: 2008-01-16 03:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | enterprise_message_service | 4.0.0 | |
| tibco | enterprise_message_service | 4.1.0 | |
| tibco | enterprise_message_service | 4.2.0 | |
| tibco | enterprise_message_service | 4.3.0 | |
| tibco | enterprise_message_service | 4.4.0 | |
| tibco | enterprise_message_service | 4.4.1 | |
| tibco | rtworks | * | |
| tibco | smartsockets_rtserver | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A391F64-B618-4961-942C-109CE548FBB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3811EEE8-ED90-4272-BDC9-9FBB7E2ABC50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72D4BFCE-FD9B-45D8-B23A-B928B86ED2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B14826-B53E-46DC-8AE9-85776867D341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A42A8728-2B49-4F1F-930C-AB2B808BDDA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50598050-FAC6-42B6-98E5-D02DF85F1A07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4F1058-6D26-4FA9-ACC0-8E2CB9E47EE8",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A607554-6A94-47FC-919C-8BC77E72E527",
"versionEndIncluding": "6.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory."
},
{
"lang": "es",
"value": "TIBCO SmartSockets RTserver 6.8.0 y anteriores, RTworks anterior a 4.0.4, y Enterprise Message Service (EMS) 4.0.0 hasta la 4.4.1 permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de respuestas manipuladas que controlan operaciones de bucle relacionados con la memoria."
}
],
"id": "CVE-2007-5656",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-16T03:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/27293"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/27293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-5658
Vulnerability from fkie_nvd - Published: 2008-01-16 03:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | enterprise_message_service | 4.0.0 | |
| tibco | enterprise_message_service | 4.1.0 | |
| tibco | enterprise_message_service | 4.2.0 | |
| tibco | enterprise_message_service | 4.3.0 | |
| tibco | enterprise_message_service | 4.4.0 | |
| tibco | enterprise_message_service | 4.4.1 | |
| tibco | rtworks | * | |
| tibco | smartsockets_rtserver | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A391F64-B618-4961-942C-109CE548FBB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3811EEE8-ED90-4272-BDC9-9FBB7E2ABC50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72D4BFCE-FD9B-45D8-B23A-B928B86ED2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B14826-B53E-46DC-8AE9-85776867D341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A42A8728-2B49-4F1F-930C-AB2B808BDDA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50598050-FAC6-42B6-98E5-D02DF85F1A07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4F1058-6D26-4FA9-ACC0-8E2CB9E47EE8",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A607554-6A94-47FC-919C-8BC77E72E527",
"versionEndIncluding": "6.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en TIBCO SmartSockets RTserver 6.8.0 y anteriores, RTworks before 4.0.4, y Enterprise Message Service (EMS) 4.0.0 hasta el 4.4.1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una respuesta manipulada que contiene valores de tama\u00f1o y longitud de copia que dispara el desbordamiento."
}
],
"id": "CVE-2007-5658",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-16T03:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27294"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-5655
Vulnerability from fkie_nvd - Published: 2008-01-16 03:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | rtworks | * | |
| tibco | smartsockets_rtserver | * | |
| tibco | ems_server | * | |
| tibco | enterprise_message_service | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4F1058-6D26-4FA9-ACC0-8E2CB9E47EE8",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A607554-6A94-47FC-919C-8BC77E72E527",
"versionEndIncluding": "6.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tibco:ems_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71A6DEC-C0A5-456D-BB28-EC5CA61BE796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C559EFC8-9BA6-41F7-AB44-3C10AEC52F56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers."
},
{
"lang": "es",
"value": "TIBCO SmartSockets RTserver 6.8.0 y anteriores, RTworks anterior a 4.0.4, y Enterprise Message Service (EMS) 4.0.0 hasta la 4.4.1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de respuestas manipuladas que contienen valores que son utilizados como punteros."
}
],
"id": "CVE-2007-5655",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-16T03:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27292"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-5657
Vulnerability from fkie_nvd - Published: 2008-01-16 03:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | rtworks | * | |
| tibco | smartsockets_rtserver | * | |
| tibco | ems_server | * | |
| tibco | enterprise_message_service | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A4F1058-6D26-4FA9-ACC0-8E2CB9E47EE8",
"versionEndIncluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A607554-6A94-47FC-919C-8BC77E72E527",
"versionEndIncluding": "6.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tibco:ems_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A71A6DEC-C0A5-456D-BB28-EC5CA61BE796",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:enterprise_message_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C559EFC8-9BA6-41F7-AB44-3C10AEC52F56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets."
},
{
"lang": "es",
"value": "TIBCO SmartSockets RTserver 6.8.0 y anteriores, RTworks anterior a 4.0.4, y Enterprise Message Service (EMS) 4.0.0 hasta el 4.4.1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de respuestas manipuladas que contienen valores que son utilizados como punteros de compensaci\u00f3n."
}
],
"id": "CVE-2007-5657",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-16T03:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27295"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2009-1291 (GCVE-0-2009-1291)
Vulnerability from cvelistv5 – Published: 2009-04-30 20:00 – Updated: 2024-08-07 05:04
VLAI?
Summary
Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"name": "1022129",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022129"
},
{
"name": "34754",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34754"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"name": "20090428 TIBCO SmartSockets Stack Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"name": "smartsockets-udp-bo(50214)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
},
{
"name": "ADV-2009-1198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"name": "34911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via \"inbound data,\" as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"name": "1022129",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022129"
},
{
"name": "34754",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34754"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"name": "20090428 TIBCO SmartSockets Stack Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"name": "smartsockets-udp-bo(50214)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
},
{
"name": "ADV-2009-1198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"name": "34911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via \"inbound data,\" as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"name": "http://www.tibco.com/services/support/advisories/default.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"name": "1022129",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022129"
},
{
"name": "34754",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34754"
},
{
"name": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"name": "20090428 TIBCO SmartSockets Stack Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"name": "smartsockets-udp-bo(50214)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
},
{
"name": "ADV-2009-1198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"name": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html",
"refsource": "MISC",
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"name": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"name": "34911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34911"
},
{
"name": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1291",
"datePublished": "2009-04-30T20:00:00",
"dateReserved": "2009-04-13T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5658 (GCVE-0-2007-5658)
Vulnerability from cvelistv5 – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27294",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27294"
},
{
"name": "tibco-rtserver-bo(39703)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27294",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27294"
},
{
"name": "tibco-rtserver-bo(39703)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27294"
},
{
"name": "tibco-rtserver-bo(39703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
},
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5658",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5655 (GCVE-0-2007-5655)
Vulnerability from cvelistv5 – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "27292",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27292"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-pointer-code-execution(39705)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "27292",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27292"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-pointer-code-execution(39705)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "27292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27292"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-pointer-code-execution(39705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5655",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5656 (GCVE-0-2007-5656)
Vulnerability from cvelistv5 – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-loop-code-execution(39708)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27293",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27293"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-loop-code-execution(39708)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27293",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27293"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-loop-code-execution(39708)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27293",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27293"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5656",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5657 (GCVE-0-2007-5657)
Vulnerability from cvelistv5 – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"name": "tibco-rtserver-offset-code-execution(39707)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27295"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"name": "tibco-rtserver-offset-code-execution(39707)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27295"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"name": "tibco-rtserver-offset-code-execution(39707)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27295"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5657",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1291 (GCVE-0-2009-1291)
Vulnerability from nvd – Published: 2009-04-30 20:00 – Updated: 2024-08-07 05:04
VLAI?
Summary
Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"name": "1022129",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022129"
},
{
"name": "34754",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34754"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"name": "20090428 TIBCO SmartSockets Stack Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"name": "smartsockets-udp-bo(50214)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
},
{
"name": "ADV-2009-1198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"name": "34911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via \"inbound data,\" as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"name": "1022129",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022129"
},
{
"name": "34754",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34754"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"name": "20090428 TIBCO SmartSockets Stack Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"name": "smartsockets-udp-bo(50214)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
},
{
"name": "ADV-2009-1198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"name": "34911",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via \"inbound data,\" as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt"
},
{
"name": "http://www.tibco.com/services/support/advisories/default.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories/default.jsp"
},
{
"name": "1022129",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022129"
},
{
"name": "34754",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34754"
},
{
"name": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt"
},
{
"name": "20090428 TIBCO SmartSockets Stack Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785"
},
{
"name": "smartsockets-udp-bo(50214)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50214"
},
{
"name": "ADV-2009-1198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1198"
},
{
"name": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html",
"refsource": "MISC",
"url": "http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html"
},
{
"name": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp"
},
{
"name": "34911",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34911"
},
{
"name": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1291",
"datePublished": "2009-04-30T20:00:00",
"dateReserved": "2009-04-13T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5658 (GCVE-0-2007-5658)
Vulnerability from nvd – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27294",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27294"
},
{
"name": "tibco-rtserver-bo(39703)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27294",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27294"
},
{
"name": "tibco-rtserver-bo(39703)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27294"
},
{
"name": "tibco-rtserver-bo(39703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39703"
},
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5658",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5655 (GCVE-0-2007-5655)
Vulnerability from nvd – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "27292",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27292"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-pointer-code-execution(39705)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "27292",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27292"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-pointer-code-execution(39705)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "27292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27292"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-pointer-code-execution(39705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5655",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5656 (GCVE-0-2007-5656)
Vulnerability from nvd – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-loop-code-execution(39708)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27293",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27293"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-loop-code-execution(39708)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27293",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27293"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5656",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "tibco-rtserver-loop-code-execution(39708)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39708"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27293",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27293"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5656",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5657 (GCVE-0-2007-5657)
Vulnerability from nvd – Published: 2008-01-16 02:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"name": "tibco-rtserver-offset-code-execution(39707)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27295"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"name": "tibco-rtserver-offset-code-execution(39707)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27295"
},
{
"name": "ADV-2008-0173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt"
},
{
"name": "28490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28490"
},
{
"name": "1019193",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019193"
},
{
"name": "20080115 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=640"
},
{
"name": "tibco-rtserver-offset-code-execution(39707)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39707"
},
{
"name": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "27295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27295"
},
{
"name": "ADV-2008-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0173"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5657",
"datePublished": "2008-01-16T02:00:00",
"dateReserved": "2007-10-23T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}