CVE-2007-5657
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
92.7%
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tibco | rtworks | * | cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:* |
| tibco | smartsockets_rtserver | * | cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:* |
| tibco | ems_server | * | cpe:2.3:h:tibco:ems_server:*:*:*:*:*:*:*:* |
| tibco | enterprise_message_service | * | cpe:2.3:a:tibco:enterprise_message_service:*:*:*:*:*:*:*:* |
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=640
secunia.com/advisories/28490
securitytracker.com/id?1019193
www.securityfocus.com/bid/27295
www.tibco.com/mk/advisory.jsp
www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
www.vupen.com/english/advisories/2008/0173
exchange.xforce.ibmcloud.com/vulnerabilities/39707
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
92.7%