5 matches found
CVE-2008-3338
CVE-2008-3338 : Multiple buffer overflows in TIBCO Hawk components (libtibhawkami AMI C library and tibhawkhma Hawk HMA) allow remote code execution via a crafted message. Affected products/versions include TIBCO Hawk before 4.8.1, Runtime Agent (TRA) before 5.6.0, iProcess Engine 10.3.0–10.6.2 a...
CVE-2008-1703
CVE-2008-1703 maps to multiple buffer overflows in TIBCO Rendezvous and related components (rvd, rvrd, rvsrd, rvsd, rvcache, rva, rvrad, rvperfm/rvperfs, libtibrv, libtibrvipm, rvacld, rvtxd, procmgr/pmsulib, tibssxfr, sxf3rpub, sxf3rsub). The root cause is buffer overflows when processing inboun...
CVE-2011-2020
TIBCO iProcess vulnerability CVE-2011-2020 is a cross-site scripting flaw in inbound HTTP request handling. Affects TIBCO iProcess Engine prior to 11.1.3 and iProcess Workspace prior to 11.3.1, where an attacker could inject arbitrary web script/HTML. The advisory states affected components inclu...
CVE-2008-1704
TIBCO EMS and related Rendezvous components suffer remote buffer overflow vulnerabilities. Specifically, EMS before 4.4.3 and iProcess Engine 10.6.0–10.6.1 are affected, enabling remote code execution via crafted inbound messages to tibemsd. The Seebug/Nessus records also list multiple Rendezvous...
CVE-2011-2021
CVE-2011-2021 covers a session-fixation vulnerability in TIBCO iProcess components (Engine before 11.1.3 and Workspace before 11.3.1). The issue can allow remote attackers to hijack web sessions via unspecified vectors by manipulating inbound HTTP session handling. Affected components include TIB...