1. CVE-Search
  2. CVE-2007-5656
ID CVE-2007-5656
Summary TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
References
Vulnerable Configurations
  • cpe:2.3:a:tibco:enterprise_message_service:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:enterprise_message_service:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:enterprise_message_service:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:enterprise_message_service:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:enterprise_message_service:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:enterprise_message_service:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:enterprise_message_service:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:enterprise_message_service:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:enterprise_message_service:4.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:enterprise_message_service:4.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:enterprise_message_service:4.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:enterprise_message_service:4.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:rtworks:*:*:*:*:*:*:*:*
  • cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*
    cpe:2.3:a:tibco:smartsockets_rtserver:*:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 29-07-2017 - 01:33)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 27293
confirm
idefense 20080115 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities
sectrack 1019193
secunia 28490
vupen ADV-2008-0173
xf tibco-rtserver-loop-code-execution(39708)
Last major update 29-07-2017 - 01:33
Published 16-01-2008 - 03:00
Last modified 29-07-2017 - 01:33
Back to Top