Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.
labs.idefense.com/intelligence/vulnerabilities/display.php?id=638
secunia.com/advisories/28490
securitytracker.com/id?1019193
www.securityfocus.com/bid/27294
www.tibco.com/mk/advisory.jsp
www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
www.vupen.com/english/advisories/2008/0173
exchange.xforce.ibmcloud.com/vulnerabilities/39703