Lucene search

[email protected]CVE-2007-4161

HistoryAug 03, 2007 - 9:17 p.m.

CVE-2007-4161

2007-08-0321:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-4161

tibco rendezvous

denial of service

network instability

vulnerability

7.5 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cause a denial of service (network instability) via a subject name with a leading (1) ‘*’ (asterisk) or (2) ‘>’ (greater than) wildcard character.

CPENameOperatorVersion
tibco:rendezvoustibco rendezvouseq7.5.2

CPE	Name	Operator	Version
tibco:rendezvous	tibco rendezvous	eq	7.5.2

References

archives.neohapsis.com/archives/fulldisclosure/2007-07/0620.html

osvdb.org/37681

secunia.com/advisories/26337

www.irmplc.com/content/pdfs/Security_Testing_Enterprise_Messaging_Systems.pdf

www.securitytracker.com/id?1018512

www.vupen.com/english/advisories/2007/2814

7.5 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.027 Low

EPSS

Percentile

90.4%

JSON

Related for CVE-2007-4161

cvelist1 prion1