Lucene search

[email protected]CVE-2007-5655

HistoryJan 16, 2008 - 3:00 a.m.

CVE-2007-5655

2008-01-1603:00:00

CWE-119

[email protected]

web.nvd.nist.gov

tibco

smartsockets

rtserver

rtworks

enterprise message service

ems

remote code execution

vulnerability

cve-2007-5655

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.092 Low

EPSS

Percentile

94.7%

JSON

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.

Affected configurations

NVD

Node

tibcortworksRange≤4.0.3

tibcosmartsockets_rtserverRange≤6.8.0

Node

tibcoems_server

AND

tibcoenterprise_message_service

CPENameOperatorVersion
tibco:rtworkstibco rtworksle4.0.3
tibco:smartsockets_rtservertibco smartsockets rtserverle6.8.0

CPE	Name	Operator	Version
tibco:rtworks	tibco rtworks	le	4.0.3
tibco:smartsockets_rtserver	tibco smartsockets rtserver	le	6.8.0

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=639

secunia.com/advisories/28490

securitytracker.com/id?1019193

www.securityfocus.com/bid/27292

www.tibco.com/mk/advisory.jsp

www.tibco.com/resources/mk/ems_security_advisory_20080115.txt

www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt

www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt

www.vupen.com/english/advisories/2008/0173

exchange.xforce.ibmcloud.com/vulnerabilities/39705

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.092 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2007-5655

securityvulns2 prion1 nvd1 cvelist1