CVE-2007-5655

{"id": "CVE-2007-5655", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-01-16T03:00:00.000", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/28490", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1019193", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/27292", "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/mk/advisory.jsp", "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt", "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt", "source": "cve@mitre.org"}, {"url": "http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0173", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39705", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers."}, {"lang": "es", "value": "TIBCO SmartSockets RTserver 6.8.0 y anteriores, RTworks anterior a 4.0.4, y Enterprise Message Service (EMS) 4.0.0 hasta la 4.4.1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de respuestas manipuladas que contienen valores que son utilizados como punteros."}], "lastModified": "2017-07-29T01:33:47.630", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A4F1058-6D26-4FA9-ACC0-8E2CB9E47EE8", "versionEndIncluding": "4.0.3"}, {"criteria": "cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A607554-6A94-47FC-919C-8BC77E72E527", "versionEndIncluding": "6.8.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tibco:ems_server:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A71A6DEC-C0A5-456D-BB28-EC5CA61BE796"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tibco:enterprise_message_service:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C559EFC8-9BA6-41F7-AB44-3C10AEC52F56"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}