CVE-2007-5658

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
http://www.securityfocus.com/bid/27294
http://securitytracker.com/id?1019193
http://secunia.com/advisories/28490
http://www.vupen.com/english/advisories/2008/0173
https://exchange.xforce.ibmcloud.com/vulnerabilities/39703

Configuration 1

cpe:2.3:a:tibco:enterprise_message_service:4.4.1:*:*:*:*:*:*:* cpe:2.3:a:tibco:enterprise_message_service:4.4.0:*:*:*:*:*:*:* cpe:2.3:a:tibco:enterprise_message_service:4.1.0:*:*:*:*:*:*:* cpe:2.3:a:tibco:enterprise_message_service:4.2.0:*:*:*:*:*:*:* cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:* cpe:2.3:a:tibco:enterprise_message_service:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:tibco:enterprise_message_service:4.3.0:*:*:*:*:*:*:* cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*

---

Published : 2008-01-16 03:00

Updated : 2017-07-29 01:33

---

NVD link : CVE-2007-5658

Mitre link : CVE-2007-5658

No products.

CWE-20