Vulnerability Details CVE-2007-5655
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.178
EPSS Ranking 94.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639
- http://secunia.com/advisories/28490
- http://securitytracker.com/id?1019193
- http://www.securityfocus.com/bid/27292
- http://www.tibco.com/mk/advisory.jsp
- http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
- http://www.vupen.com/english/advisories/2008/0173
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39705
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639
- http://secunia.com/advisories/28490
- http://securitytracker.com/id?1019193
- http://www.securityfocus.com/bid/27292
- http://www.tibco.com/mk/advisory.jsp
- http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
- http://www.vupen.com/english/advisories/2008/0173
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39705
Products affected by CVE-2007-5655
-
cpe:2.3:a:tibco:enterprise_message_service:-
-
cpe:2.3:a:tibco:enterprise_message_service:5.1.0
-
cpe:2.3:a:tibco:enterprise_message_service:5.1.1
-
cpe:2.3:a:tibco:enterprise_message_service:5.1.2
-
cpe:2.3:a:tibco:enterprise_message_service:5.1.3
-
cpe:2.3:a:tibco:enterprise_message_service:5.1.4
-
cpe:2.3:a:tibco:enterprise_message_service:5.1.5
-
cpe:2.3:a:tibco:enterprise_message_service:6.0.0
-
cpe:2.3:a:tibco:enterprise_message_service:6.0.1
-
cpe:2.3:a:tibco:enterprise_message_service:6.1.0
-
cpe:2.3:a:tibco:enterprise_message_service:6.2.0
-
cpe:2.3:a:tibco:enterprise_message_service:6.3.0
-
cpe:2.3:a:tibco:enterprise_message_service:7.0.0
-
cpe:2.3:a:tibco:enterprise_message_service:7.0.1
-
cpe:2.3:a:tibco:enterprise_message_service:8.0.0
-
cpe:2.3:a:tibco:enterprise_message_service:8.1.0
-
cpe:2.3:a:tibco:enterprise_message_service:8.2.0
-
cpe:2.3:a:tibco:enterprise_message_service:8.2.1
-
cpe:2.3:a:tibco:enterprise_message_service:8.2.2
-
cpe:2.3:a:tibco:enterprise_message_service:8.3.0
-
cpe:2.3:a:tibco:enterprise_message_service:8.4.0
-
cpe:2.3:a:tibco:enterprise_message_service:8.4.1
-
cpe:2.3:a:tibco:enterprise_message_service:8.5.0
-
cpe:2.3:a:tibco:enterprise_message_service:8.5.1
-
cpe:2.3:a:tibco:rtworks:*
-
cpe:2.3:a:tibco:smartsockets_rtserver:*
-
cpe:2.3:h:tibco:ems_server:*