CVE Vulnerability

CVE-2007-5656

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
http://www.securityfocus.com/bid/27293 Patch
http://securitytracker.com/id?1019193
http://secunia.com/advisories/28490
http://www.vupen.com/english/advisories/2008/0173
https://exchange.xforce.ibmcloud.com/vulnerabilities/39708
Configurations

Configuration 1

cpe:2.3:a:tibco:enterprise_message_service:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:tibco:enterprise_message_service:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:enterprise_message_service:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:enterprise_message_service:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*
cpe:2.3:a:tibco:enterprise_message_service:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:enterprise_message_service:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*
Information

Published : 2008-01-16 03:00

Updated : 2017-07-29 01:33

NVD link : CVE-2007-5656

Mitre link : CVE-2007-5656

Products Affected
No products.
CWE
CWE-399