TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
labs.idefense.com/intelligence/vulnerabilities/display.php?id=639
secunia.com/advisories/28490
securitytracker.com/id?1019193
www.securityfocus.com/bid/27292
www.tibco.com/mk/advisory.jsp
www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
www.vupen.com/english/advisories/2008/0173
exchange.xforce.ibmcloud.com/vulnerabilities/39705