Search criteria
12 vulnerabilities found for substantiation_es by tibco
FKIE_CVE-2014-2543
Vulnerability from fkie_nvd - Published: 2014-04-08 23:47 - Updated: 2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | rendezvous | * | |
| tibco | rendezvous | 7.4.11 | |
| tibco | rendezvous | 7.5.1 | |
| tibco | rendezvous | 7.5.2 | |
| tibco | rendezvous | 7.5.3 | |
| tibco | rendezvous | 7.5.4 | |
| tibco | rendezvous | 8.2.1 | |
| tibco | rendezvous | 8.3.0 | |
| tibco | rendezvous | 8.3.1 | |
| tibco | rendezvous | 8.10 | |
| tibco | substantiation_es | * | |
| tibco | messaging_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:rendezvous:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81514701-B44C-43C7-B151-2634542726D0",
"versionEndIncluding": "8.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "12892830-2FAA-4C1F-8C9D-B898E84DBAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B20531C-A4CB-4196-AC66-C485CB618858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9498F55F-0862-4F95-A625-632F2579411C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0720B71A-1483-46FE-B88B-E7022A22E895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6865DC2D-F68C-4D5C-A85C-764B69582C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0710D6E-07FF-49D9-82D1-028BF906AF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34040A6F-6C22-4011-A3F3-AD2F38CC468F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D05CB56A-E228-47D0-9FD2-0A0762DD0C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1580499E-7634-4670-AB4C-22418328C2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:substantiation_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7B1682-5E6F-4862-9A60-F73B392B1316",
"versionEndIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:tibco:messaging_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C474F07-0141-405F-8531-116C7A5EF5BD",
"versionEndIncluding": "8.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en el demonio de Rendezvous (rvd), el demonio de Rendezvous Routing (rvrd), el demonio de Rendezvous Secure (rvsd) y el demonio de Rendezvous Secure Routing (rvsrd) en TIBCO Rendezvous anterior a 8.4.2, Messaging Appliance anterior a 8.7.1 y Substation ES anterior a 2.8.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante el aprovechamiento de acceso al cliente conectado directamente y transmitiendo datos manipulados."
}
],
"id": "CVE-2014-2543",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-08T23:47:28.727",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/66744"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/66744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2542
Vulnerability from fkie_nvd - Published: 2014-04-08 23:47 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | rendezvous | * | |
| tibco | rendezvous | 7.4.11 | |
| tibco | rendezvous | 7.5.1 | |
| tibco | rendezvous | 7.5.2 | |
| tibco | rendezvous | 7.5.3 | |
| tibco | rendezvous | 7.5.4 | |
| tibco | rendezvous | 8.2.1 | |
| tibco | rendezvous | 8.3.0 | |
| tibco | rendezvous | 8.3.1 | |
| tibco | rendezvous | 8.10 | |
| tibco | substantiation_es | * | |
| tibco | messaging_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:rendezvous:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81514701-B44C-43C7-B151-2634542726D0",
"versionEndIncluding": "8.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "12892830-2FAA-4C1F-8C9D-B898E84DBAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B20531C-A4CB-4196-AC66-C485CB618858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9498F55F-0862-4F95-A625-632F2579411C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0720B71A-1483-46FE-B88B-E7022A22E895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6865DC2D-F68C-4D5C-A85C-764B69582C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0710D6E-07FF-49D9-82D1-028BF906AF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34040A6F-6C22-4011-A3F3-AD2F38CC468F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D05CB56A-E228-47D0-9FD2-0A0762DD0C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1580499E-7634-4670-AB4C-22418328C2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:substantiation_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7B1682-5E6F-4862-9A60-F73B392B1316",
"versionEndIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:tibco:messaging_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C474F07-0141-405F-8531-116C7A5EF5BD",
"versionEndIncluding": "8.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en el demonio de Rendezvous (rvd), el demonio de Rendezvous Routing (rvrd), el demonio de Rendezvous Secure (rvsd) y el demonio de Rendezvous Secure Routing (rvsrd) en TIBCO Rendezvous anterior a 8.4.2, Messaging Appliance anterior a 8.7.1 y Substation ES anterior a 2.8.1 permite a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-2542",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-04-08T23:47:28.697",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/101873"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/66737"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/101873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/66737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2541
Vulnerability from fkie_nvd - Published: 2014-04-08 23:47 - Updated: 2025-04-12 10:46
Severity ?
Summary
The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | rendezvous | * | |
| tibco | rendezvous | 7.4.11 | |
| tibco | rendezvous | 7.5.1 | |
| tibco | rendezvous | 7.5.2 | |
| tibco | rendezvous | 7.5.3 | |
| tibco | rendezvous | 7.5.4 | |
| tibco | rendezvous | 8.2.1 | |
| tibco | rendezvous | 8.3.0 | |
| tibco | rendezvous | 8.3.1 | |
| tibco | rendezvous | 8.10 | |
| tibco | substantiation_es | * | |
| tibco | messaging_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:rendezvous:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81514701-B44C-43C7-B151-2634542726D0",
"versionEndIncluding": "8.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "12892830-2FAA-4C1F-8C9D-B898E84DBAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B20531C-A4CB-4196-AC66-C485CB618858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9498F55F-0862-4F95-A625-632F2579411C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0720B71A-1483-46FE-B88B-E7022A22E895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6865DC2D-F68C-4D5C-A85C-764B69582C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0710D6E-07FF-49D9-82D1-028BF906AF01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34040A6F-6C22-4011-A3F3-AD2F38CC468F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D05CB56A-E228-47D0-9FD2-0A0762DD0C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1580499E-7634-4670-AB4C-22418328C2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:substantiation_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D7B1682-5E6F-4862-9A60-F73B392B1316",
"versionEndIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:tibco:messaging_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C474F07-0141-405F-8531-116C7A5EF5BD",
"versionEndIncluding": "8.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
},
{
"lang": "es",
"value": "El demonio de Rendezvous (rvd), el demonio de Rendezvous Routing (rvrd), el demonio de Rendezvous Secure (rvsd) y el demonio de Rendezvous Secure Routing (rvsrd) en TIBCO Rendezvous anterior a 8.4.2, Messaging Appliance anterior a 8.7.1 y Substation ES anterior a 2.8.1 no implementan debidamente control de acceso, lo que permite a atacantes remotos obtener informaci\u00f3n sensible o modificar informaci\u00f3n transmitida a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-2541",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-08T23:47:28.667",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1703
Vulnerability from fkie_nvd - Published: 2008-04-11 10:05 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tibco | adapter_files_z_os | * | |
| tibco | hawk | * | |
| tibco | iprocess_engine | 10.3.0 | |
| tibco | iprocess_engine | 10.3.1 | |
| tibco | iprocess_engine | 10.3.2 | |
| tibco | iprocess_engine | 10.3.3 | |
| tibco | iprocess_engine | 10.3.4 | |
| tibco | iprocess_engine | 10.3.5 | |
| tibco | iprocess_engine | 10.4 | |
| tibco | iprocess_engine | 10.4.1 | |
| tibco | iprocess_engine | 10.5 | |
| tibco | iprocess_engine | 10.6 | |
| tibco | iprocess_engine | 10.6.0 | |
| tibco | iprocess_engine | 10.6.1 | |
| tibco | rendezvous | * | |
| tibco | rendezvous_datasecurity | * | |
| tibco | rendezvous_tx | * | |
| tibco | runtime_agent | * | |
| tibco | substantiation_es | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tibco:adapter_files_z_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46E74B55-ED15-4EA1-8AAC-8BB98798A1DC",
"versionEndIncluding": "4.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:hawk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C18E-D1AD-4064-949A-D00A2A4B41BC",
"versionEndIncluding": "4.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F085498D-67C1-43D2-AAA2-35BA8AF1998E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E90A12B-BEB4-4F51-B4D2-BA0DB127CE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EBF898A2-46AA-4A79-8D85-2C34174AD44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9388D9-CC97-487B-864C-F8FA9BFF7306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "389EDDD9-4EFC-4B11-A3B9-C3BCD8D4DBAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9CCBA1D2-6FDF-4D6F-9316-9B6F3A9BD50A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F45470DC-9C5C-4CBE-8DFD-FE49008A0D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50CFE4BA-00B8-4334-9B67-0A4276F5FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "900BB34F-1533-4D53-904D-78E3D6EF3ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "94FDFA30-E50A-4AD1-81F6-39E58DCCC515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6D5769-8FE2-4923-94EE-92619D8D086A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:iprocess_engine:10.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C65C714C-91B8-4665-B9BD-699BE318EDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17CFBB43-82E9-4E7F-938C-B11B6425D3DC",
"versionEndIncluding": "8.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous_datasecurity:*:*:*:*:*:*:*:*",
"matchCriteriaId": "413BBA07-5D7E-4E2F-9D1D-E26E2511FE74",
"versionEndIncluding": "2.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:rendezvous_tx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0E28E2-852E-4872-BED1-C17BE83DC75B",
"versionEndIncluding": "2.04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:runtime_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F939E999-5F16-430E-B960-965C25576D10",
"versionEndIncluding": "5.5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tibco:substantiation_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8B1410-F4D3-475E-AF5B-BFBDBD0982DF",
"versionEndIncluding": "2.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en TIBCO Software Rendezvous anterior a 8.1.0., utilizado en m\u00faltiples productos TIBCO,permitena atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un mensaje manipulado."
}
],
"id": "CVE-2008-1703",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-11T10:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29774"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/44269"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28717"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019826"
},
{
"source": "cve@mitre.org",
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/44269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-2543 (GCVE-0-2014-2543)
Vulnerability from cvelistv5 – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:21
VLAI?
Summary
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66744"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2543",
"datePublished": "2014-04-08T17:00:00",
"dateReserved": "2014-03-18T00:00:00",
"dateUpdated": "2024-08-06T10:21:35.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2541 (GCVE-0-2014-2541)
Vulnerability from cvelistv5 – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2541",
"datePublished": "2014-04-08T17:00:00",
"dateReserved": "2014-03-18T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2542 (GCVE-0-2014-2542)
Vulnerability from cvelistv5 – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-18T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66737"
},
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101873"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2542",
"datePublished": "2014-04-08T17:00:00",
"dateReserved": "2014-03-18T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1703 (GCVE-0-2008-1703)
Vulnerability from cvelistv5 – Published: 2008-04-11 10:00 – Updated: 2024-08-07 08:32
VLAI?
Summary
Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"name": "1019826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019826"
},
{
"name": "tibco-rendezvous-multiple-code-execution(41760)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
},
{
"name": "44269",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/44269"
},
{
"name": "28717",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28717"
},
{
"name": "ADV-2008-1190",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"name": "29774",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29774"
},
{
"name": "ADV-2008-1189",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"name": "1019826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019826"
},
{
"name": "tibco-rendezvous-multiple-code-execution(41760)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
},
{
"name": "44269",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/44269"
},
{
"name": "28717",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28717"
},
{
"name": "ADV-2008-1190",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"name": "29774",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29774"
},
{
"name": "ADV-2008-1189",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1703",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"name": "1019826",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019826"
},
{
"name": "tibco-rendezvous-multiple-code-execution(41760)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
},
{
"name": "44269",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/44269"
},
{
"name": "28717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28717"
},
{
"name": "ADV-2008-1190",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"name": "29774",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29774"
},
{
"name": "ADV-2008-1189",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1703",
"datePublished": "2008-04-11T10:00:00",
"dateReserved": "2008-04-08T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2543 (GCVE-0-2014-2543)
Vulnerability from nvd – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:21
VLAI?
Summary
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66744"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2543",
"datePublished": "2014-04-08T17:00:00",
"dateReserved": "2014-03-18T00:00:00",
"dateUpdated": "2024-08-06T10:21:35.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2541 (GCVE-0-2014-2541)
Vulnerability from nvd – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2541",
"datePublished": "2014-04-08T17:00:00",
"dateReserved": "2014-03-18T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2542 (GCVE-0-2014-2542)
Vulnerability from nvd – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-18T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66737"
},
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101873"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2542",
"datePublished": "2014-04-08T17:00:00",
"dateReserved": "2014-03-18T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1703 (GCVE-0-2008-1703)
Vulnerability from nvd – Published: 2008-04-11 10:00 – Updated: 2024-08-07 08:32
VLAI?
Summary
Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"name": "1019826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019826"
},
{
"name": "tibco-rendezvous-multiple-code-execution(41760)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
},
{
"name": "44269",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/44269"
},
{
"name": "28717",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28717"
},
{
"name": "ADV-2008-1190",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"name": "29774",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29774"
},
{
"name": "ADV-2008-1189",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"name": "1019826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019826"
},
{
"name": "tibco-rendezvous-multiple-code-execution(41760)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
},
{
"name": "44269",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/44269"
},
{
"name": "28717",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28717"
},
{
"name": "ADV-2008-1190",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"name": "29774",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29774"
},
{
"name": "ADV-2008-1189",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1703",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt"
},
{
"name": "1019826",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019826"
},
{
"name": "tibco-rendezvous-multiple-code-execution(41760)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41760"
},
{
"name": "44269",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/44269"
},
{
"name": "28717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28717"
},
{
"name": "ADV-2008-1190",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1190/references"
},
{
"name": "29774",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29774"
},
{
"name": "ADV-2008-1189",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1189/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1703",
"datePublished": "2008-04-11T10:00:00",
"dateReserved": "2008-04-08T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}