Lucene search

[email protected]CVE-2007-5656

HistoryJan 16, 2008 - 3:00 a.m.

CVE-2007-5656

2008-01-1603:00:00

CWE-399

[email protected]

web.nvd.nist.gov

tibco

smartsockets rtserver

rtworks

ems

denial of service

arbitrary code execution

cve-2007-5656

nvd

8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.056 Low

EPSS

Percentile

93.2%

JSON

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.

CPENameOperatorVersion
tibco:enterprise_message_servicetibco enterprise message serviceeq4.4.1
tibco:enterprise_message_servicetibco enterprise message serviceeq4.4.0
tibco:enterprise_message_servicetibco enterprise message serviceeq4.1.0
tibco:enterprise_message_servicetibco enterprise message serviceeq4.2.0
tibco:smartsockets_rtservertibco smartsockets rtserverle6.8.0
tibco:enterprise_message_servicetibco enterprise message serviceeq4.0.0
tibco:enterprise_message_servicetibco enterprise message serviceeq4.3.0
tibco:rtworkstibco rtworksle4.0.3

CPE	Name	Operator	Version
tibco:enterprise_message_service	tibco enterprise message service	eq	4.4.1
tibco:enterprise_message_service	tibco enterprise message service	eq	4.4.0
tibco:enterprise_message_service	tibco enterprise message service	eq	4.1.0
tibco:enterprise_message_service	tibco enterprise message service	eq	4.2.0
tibco:smartsockets_rtserver	tibco smartsockets rtserver	le	6.8.0
tibco:enterprise_message_service	tibco enterprise message service	eq	4.0.0
tibco:enterprise_message_service	tibco enterprise message service	eq	4.3.0
tibco:rtworks	tibco rtworks	le	4.0.3

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=641

secunia.com/advisories/28490

securitytracker.com/id?1019193

www.securityfocus.com/bid/27293

www.tibco.com/mk/advisory.jsp

www.tibco.com/resources/mk/ems_security_advisory_20080115.txt

www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt

www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt

www.vupen.com/english/advisories/2008/0173

exchange.xforce.ibmcloud.com/vulnerabilities/39708

8 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.056 Low

EPSS

Percentile

93.2%

JSON

Related for CVE-2007-5656

prion1 securityvulns2 cvelist1 seebug1