CVE-2014-2543

Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.

Published: Apr 9, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-2543
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
tibco / rendezvous	7.5.3	7.5.3.x
tibco / rendezvous	-	8.4.1.x
tibco / messaging_appliance	-	8.7.0.x
tibco / rendezvous	8.10	8.10.x
tibco / substantiation_es	-	2.8.0.x
tibco / rendezvous	8.2.1	8.2.1.x
tibco / rendezvous	7.5.4	7.5.4.x
tibco / rendezvous	8.3.1	8.3.1.x
tibco / rendezvous	7.5.2	7.5.2.x
tibco / rendezvous	7.5.1	7.5.1.x
tibco / rendezvous	8.3.0	8.3.0.x
tibco / rendezvous	7.4.11	7.4.11.x

http://www.securityfocus.com/bid/66744
http://www.securitytracker.com/id/1030070
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt

Vulnerability Database

290,206

CVE-2014-2543