CVE-2007-5655: Buffer Overflow
First published: Wed Jan 16 2008(Updated: )
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TIBCO SmartSockets RTserver | <=6.8.0 | |
| Tibco Rtworks | <=4.0.3 | |
| Tibco Ems Server | ||
| TIBCO Enterprise Message Service |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=639
- http://www.tibco.com/mk/advisory.jsp
- http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt
- http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt
- http://www.securityfocus.com/bid/27292
- http://securitytracker.com/id?1019193
- http://secunia.com/advisories/28490
- http://www.vupen.com/english/advisories/2008/0173
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39705
Frequently Asked Questions
What is the severity of CVE-2007-5655?
CVE-2007-5655 is considered to be of high severity due to the potential for remote attackers to execute arbitrary code.
How do I fix CVE-2007-5655?
To fix CVE-2007-5655, upgrade TIBCO SmartSockets RTserver to version 6.8.1 or later, RTworks to version 4.0.4 or later, and EMS to version 4.4.2 or later.
What software is affected by CVE-2007-5655?
CVE-2007-5655 affects TIBCO SmartSockets RTserver versions 6.8.0 and earlier, RTworks versions prior to 4.0.4, and Enterprise Message Service versions 4.0.0 through 4.4.1.
Can CVE-2007-5655 vulnerabilities be exploited remotely?
Yes, CVE-2007-5655 vulnerabilities can be exploited remotely by attackers through crafted requests.
What actions should I take if my system is affected by CVE-2007-5655?
If your system is affected by CVE-2007-5655, you should promptly upgrade to a patched version to mitigate the risk of remote code execution.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/tibco
- canonical/tibco smartsockets rtserver
- version/tibco smartsockets rtserver/6.8.0
- canonical/tibco rtworks
- version/tibco rtworks/4.0.3
- canonical/tibco ems server
- canonical/tibco enterprise message service