Vulnerability Details CVE-2007-5656
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.112
EPSS Ranking 93.1%
CVSS Severity
CVSS v2 Score 10.0
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641
- http://secunia.com/advisories/28490
- http://securitytracker.com/id?1019193
- http://www.securityfocus.com/bid/27293
- http://www.tibco.com/mk/advisory.jsp
- http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
- http://www.vupen.com/english/advisories/2008/0173
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39708
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641
- http://secunia.com/advisories/28490
- http://securitytracker.com/id?1019193
- http://www.securityfocus.com/bid/27293
- http://www.tibco.com/mk/advisory.jsp
- http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
- http://www.vupen.com/english/advisories/2008/0173
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39708
Products affected by CVE-2007-5656
-
cpe:2.3:a:tibco:enterprise_message_service:4.0.0
-
cpe:2.3:a:tibco:enterprise_message_service:4.1.0
-
cpe:2.3:a:tibco:enterprise_message_service:4.2.0
-
cpe:2.3:a:tibco:enterprise_message_service:4.3.0
-
cpe:2.3:a:tibco:enterprise_message_service:4.4.0
-
cpe:2.3:a:tibco:enterprise_message_service:4.4.1
-
cpe:2.3:a:tibco:rtworks:*
-
cpe:2.3:a:tibco:smartsockets_rtserver:*