Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:38
Type | Values Removed | Values Added |
---|---|---|
References | () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638 - | |
References | () http://secunia.com/advisories/28490 - | |
References | () http://securitytracker.com/id?1019193 - | |
References | () http://www.securityfocus.com/bid/27294 - | |
References | () http://www.tibco.com/mk/advisory.jsp - | |
References | () http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt - | |
References | () http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt - | |
References | () http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt - | |
References | () http://www.vupen.com/english/advisories/2008/0173 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/39703 - |
Information
Published : 2008-01-16 03:00
Updated : 2024-11-21 00:38
NVD link : CVE-2007-5658
Mitre link : CVE-2007-5658
CVE.ORG link : CVE-2007-5658
JSON object : View
Products Affected
tibco
- rtworks
- smartsockets_rtserver
- enterprise_message_service
CWE
CWE-20
Improper Input Validation