CVE-2007-5656

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.

Published: Jan 16, 2008
Updated: Apr 13, 2023
CVE: CVE-2007-5656
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
tibco / enterprise_message_service	4.4.1	4.4.1.x
tibco / enterprise_message_service	4.4.0	4.4.0.x
tibco / enterprise_message_service	4.1.0	4.1.0.x
tibco / enterprise_message_service	4.2.0	4.2.0.x
tibco / smartsockets_rtserver	-	6.8.0.x
tibco / enterprise_message_service	4.0.0	4.0.0.x
tibco / enterprise_message_service	4.3.0	4.3.0.x
tibco / rtworks	-	4.0.3.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641
http://secunia.com/advisories/28490
http://securitytracker.com/id?1019193
http://www.securityfocus.com/bid/27293
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
http://www.vupen.com/english/advisories/2008/0173
https://exchange.xforce.ibmcloud.com/vulnerabilities/39708

Vulnerability Database

290,020

CVE-2007-5656