返回 CVE 瀏覽器

CVE-2007-5658

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0870%

EPSS Percentile8.31th

Published2008年1月16日

Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.

Affected Platforms (CPE)

📦

Tibco

Enterprise Message Service

= 4.0.0

📦

Tibco

Enterprise Message Service

= 4.1.0

📦

Tibco

Enterprise Message Service

= 4.2.0

📦

Tibco

Enterprise Message Service

= 4.3.0

📦

Tibco

Enterprise Message Service

= 4.4.0

📦

Tibco

Enterprise Message Service

= 4.4.1

📦

Tibco

Rtworks

<= 4.0.3

📦

Tibco

Smartsockets Rtserver

<= 6.8.0

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638

🔗 http://secunia.com/advisories/28490

🔗 http://securitytracker.com/id?1019193

🔗 http://www.securityfocus.com/bid/27294

🔗 http://www.tibco.com/mk/advisory.jsp

🔗 http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt

🔗 http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt

🔗 http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt

相關漏洞威脅

CVE-2007-533110.0

Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Back...

CVE-2007-532810.0

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers...

CVE-2009-129110.0

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterp...

CVE-2007-565510.0

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allo...