返回 CVE 浏览器

CVE-2007-5656

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0100%

EPSS Percentile4.72th

Published2008年1月16日

Last Modified2026年4月23日

Vulnerability Description

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.

Affected Platforms (CPE)

📦

Tibco

Enterprise Message Service

= 4.0.0

📦

Tibco

Enterprise Message Service

= 4.1.0

📦

Tibco

Enterprise Message Service

= 4.2.0

📦

Tibco

Enterprise Message Service

= 4.3.0

📦

Tibco

Enterprise Message Service

= 4.4.0

📦

Tibco

Enterprise Message Service

= 4.4.1

📦

Tibco

Rtworks

<= 4.0.3

📦

Tibco

Smartsockets Rtserver

<= 6.8.0

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=641

🔗 http://secunia.com/advisories/28490

🔗 http://securitytracker.com/id?1019193

🔗 http://www.securityfocus.com/bid/27293

🔗 http://www.tibco.com/mk/advisory.jsp

🔗 http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt

🔗 http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt

🔗 http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt

相关漏洞威胁

CVE-2007-533110.0

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Back...

CVE-2007-532810.0

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers...

CVE-2009-129110.0

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterp...

CVE-2007-565510.0

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allo...