Back to CVE Browser

CVE-2007-5658

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0870%

EPSS Percentile8.31th

PublishedJan 16, 2008

Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.

Affected Platforms (CPE)

📦

Tibco

Enterprise Message Service

= 4.0.0

📦

Tibco

Enterprise Message Service

= 4.1.0

📦

Tibco

Enterprise Message Service

= 4.2.0

📦

Tibco

Enterprise Message Service

= 4.3.0

📦

Tibco

Enterprise Message Service

= 4.4.0

📦

Tibco

Enterprise Message Service

= 4.4.1

📦

Tibco

Rtworks

<= 4.0.3

📦

Tibco

Smartsockets Rtserver

<= 6.8.0

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638

🔗 http://secunia.com/advisories/28490

🔗 http://securitytracker.com/id?1019193

🔗 http://www.securityfocus.com/bid/27294

🔗 http://www.tibco.com/mk/advisory.jsp

🔗 http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt

🔗 http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt

🔗 http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt

Related Vulnerabilities

CVE-2007-533110.0

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Back...

CVE-2007-532810.0

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers...

CVE-2009-129110.0

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterp...

CVE-2007-565510.0

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allo...