Lucene search
K

23 matches found

securityvulns
securityvulns
added 2009/05/01 12:0 a.m.35 views

TIBCO SmartSockets buffer overflow

Buffer overflow on UDP message parsing...

10CVSS4.9AI score0.0643EPSS
Exploits0Affected Software1
prion
prion
added 2009/04/30 8:30 p.m.13 views

Stack overflow

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family aka RTworks before 4.0.5, and Enterprise Message Service EMS 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server aka RTserver, SmartSockets client libraries and add-on products, RTworks...

10CVSS9AI score0.0643EPSS
Exploits0References12Affected Software4
nvd
nvd
added 2009/04/30 8:30 p.m.19 views

CVE-2009-1291

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family aka RTworks before 4.0.5, and Enterprise Message Service EMS 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server aka RTserver, SmartSockets client libraries and add-on products, RTworks...

10CVSS8.3AI score0.0643EPSS
Exploits0References12
cve
cve
added 2009/04/30 8:0 p.m.64 views

CVE-2009-1291

TIBCO SmartSockets/EMS are affected by CVE-2009-1291 through a stack-based buffer overflow in inbound data handling. Affected product families: SmartSockets prior to 6.8.2, SmartSockets Product Family (RTworks) prior to 4.0.5, and EMS 4.0.0–5.1.1, used in SmartSockets Server/RTworks Server (RTser...

10CVSS8.6AI score0.0643EPSS
Exploits0References12Affected Software4
cvelist
cvelist
added 2009/04/30 8:0 p.m.24 views

CVE-2009-1291

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family aka RTworks before 4.0.5, and Enterprise Message Service EMS 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server aka RTserver, SmartSockets client libraries and add-on products, RTworks...

8.3AI score0.0643EPSS
Exploits0References12
seebug
seebug
added 2008/01/17 12:0 a.m.34 views

TIBCO SmartSockets指针偏移远程代码执行漏洞

BUGTRAQ ID: 27295 CVECAN ID: CVE-2007-5657 TIBCO SmartSockets是用于通过独立通道传输消息的传送框架,RTserver是其中的服务器组件。 SmartSockets在处理请求时使用了来自请求的值作为添加到有效指针的偏移,然后在各种内存操作中用到了所生成的指针值。由于攻击者可以控制偏移值,因此可能触发可利用的情况,导致RTserver拒绝服务或以系统权限执行任意指令。 TIBCO SmartSockets 6.8 TIBCO ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

10CVSS6.4AI score0.0555EPSS
Exploits1
seebug
seebug
added 2008/01/17 12:0 a.m.25 views

SmartSockets RTServer多个远程不可信任循环边界漏洞

BUGTRAQ ID: 27293 CVECAN ID: CVE-2007-5656 TIBCO SmartSockets是用于通过独立通道传输消息的传送框架,RTserver是其中的服务器组件。 TIBCO SmartSockets在处理畸形数据时存在漏洞,远程攻击者可能利用此漏洞导致拒绝服务或执行任意指令。 在处理请求时,SmartSockets使用了一些来自请求的值控制一些循环的重复次数,而在这些循环中可以执行各种内存操作。由于攻击者可以控制这些值,因此可能会触发一些可利用的情况,导致RTserver拒绝服务或以系统权限执行任意指令。 TIBCO SmartSockets 6.8...

10CVSS6.4AI score0.05437EPSS
Exploits1
nvd
nvd
added 2008/01/16 3:0 a.m.18 views

CVE-2007-5658

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow...

10CVSS8.1AI score0.06401EPSS
Exploits0References10
nvd
nvd
added 2008/01/16 3:0 a.m.21 views

CVE-2007-5655

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers...

10CVSS7.7AI score0.0555EPSS
Exploits0References10
prion
prion
added 2008/01/16 3:0 a.m.15 views

Heap overflow

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow...

10CVSS8.8AI score0.06401EPSS
Exploits0References10Affected Software3
prion
prion
added 2008/01/16 3:0 a.m.14 views

Design/Logic Flaw

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted requests that control loop operations related to memory...

10CVSS8.4AI score0.05437EPSS
Exploits1References10Affected Software3
nvd
nvd
added 2008/01/16 3:0 a.m.14 views

CVE-2007-5657

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets...

10CVSS7.7AI score0.0555EPSS
Exploits1References10
prion
prion
added 2008/01/16 3:0 a.m.14 views

Buffer overflow

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets...

10CVSS8.3AI score0.0555EPSS
Exploits1References10Affected Software2
prion
prion
added 2008/01/16 3:0 a.m.17 views

Design/Logic Flaw

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers...

10CVSS8.3AI score0.0555EPSS
Exploits0References10Affected Software2
cve
cve
added 2008/01/16 2:0 a.m.52 views

CVE-2007-5658

CVE-2007-5658 covers a heap-based buffer overflow in the TIBCO SmartSockets family: RTserver (6.8.0 and earlier), RTworks (before 4.0.4), and EMS (4.0.0–4.4.1). The flaw arises from processing requests that carry attacker-controlled size and copy-length values, triggering a heap overflow and enab...

10CVSS8.1AI score0.06401EPSS
Exploits0References10Affected Software3
cvelist
cvelist
added 2008/01/16 2:0 a.m.22 views

CVE-2007-5658

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow...

8.1AI score0.06401EPSS
Exploits0References10
cvelist
cvelist
added 2008/01/16 2:0 a.m.23 views

CVE-2007-5656

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted requests that control loop operations related to memory...

7.7AI score0.05437EPSS
Exploits1References10
cvelist
cvelist
added 2008/01/16 2:0 a.m.27 views

CVE-2007-5657

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets...

7.7AI score0.0555EPSS
Exploits1References10
cvelist
cvelist
added 2008/01/16 2:0 a.m.26 views

CVE-2007-5655

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers...

7.7AI score0.0555EPSS
Exploits0References10
securityvulns
securityvulns
added 2008/01/16 12:0 a.m.41 views

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTserver Heap Overflow Vulnerability

iDefense Security Advisory 01.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 15, 2008 I. BACKGROUND TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can b...

10CVSS0.4AI score0.06401EPSS
Exploits0
Rows per page
Query Builder