CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-0683
https://notcve.org/view.php?id=CVE-2010-0683
Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials. Vulnerabilidad sin especificar en TIBRepoServer5.jar en TIBCO Administrator desde v5.4.0 hasta v5.6.0, cuando se utiliza JMS transport, permite a usuarios remotos autenticados ejecutar código arbitrario en todos los nodos de dominio a través de vectores relacionados con las credenciales administrativas. • http://secunia.com/advisories/38732 http://www.securityfocus.com/bid/38396 http://www.tibco.com/multimedia/security_advisory_administrator_tcm8-10685.txt http://www.tibco.com/services/support/advisories/adminstrator-advisory_20100223.jsp http://www.vupen.com/english/advisories/2010/0463 •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2010-0184
https://notcve.org/view.php?id=CVE-2010-0184
The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors. Los componentes (1)domainutility y (2)domainutilitycmd en TIBCO Domain Utility en TIBCO Runtime Agent (TRA) anterior a v5.6.2, usado en TIBCO ActiveMatrix BusinessWorks y otros productos, establece permisos débiles sobre los archivos de propiedades del dominio, lo que permite a usuarios locales, obtener credenciales de administrador, y obtener privilegios sobre todos lo sistemas, a través de vectores no especificados. • http://secunia.com/advisories/38191 http://www.securityfocus.com/bid/37805 http://www.tibco.com/mk/advisory.jsp http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt http://www.vupen.com/english/advisories/2010/0128 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 16%CPEs: 13EXPL: 0CVE-2009-1291
https://notcve.org/view.php?id=CVE-2009-1291
Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd. Desbordamiento de búfer basado en pila en TIBCO SmartSockets antes de v6.8.2, SmartSockets Product Family (alias RTworks) antes de v4.0.5, y Enterprise Message Service (EMS) v4.0.0 hasta v5.1.1, utilizado en SmartSockets Server y RTworks Server (alias RTserver), librerias del cliente SmartSockets y productos con el complemento, librerias y componentes RTworks, EMS Server (alias tibemsd), SmartMQ, iProcess Engine, productos ActiveMatrix, y CA Enterprise Communicator, permite a atacantes remotos ejecutar código arbitrario a través de "inbound data," (datos de entrada), como lo demuestran las solicitudes de la interfaz UDP de el componente RTserver, y inyección de datos en el flujo TCP a tibemsd. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785 http://secunia.com/advisories/34911 http://securitytracker.com/id?1022129 http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html http://www.securityfocus.com/bid/34754 http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt http://www.tibco • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 5%CPEs: 22EXPL: 0CVE-2008-3338
https://notcve.org/view.php?id=CVE-2008-3338
Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0 through 10.6.2 and 11.0.0; and Mainframe Service Tracker before 1.1.0 might allow remote attackers to execute arbitrary code via a crafted message. Múltiples desbordamientos de búfer en TIBCO Hawk (1) la librería AMI C (libtibhawkami) y (2) Hawk HMA (tibhawkhma), como se usan en TIBCO Hawk antes de 4.8.1; Runtime Agent (TRA) anterior a 5.6.0; iProcess Engine de 10.3.0 a 10.6.2 y 11.0.0; y Mainframe Service Tracker anterior a 1.1.0 podría permitir a atacantes remotos ejecutar código de su elección mediante un mensaje manipulado. • http://secunia.com/advisories/31618 http://www.securityfocus.com/bid/30836 http://www.tibco.com/resources/mk/hawk_security_advisory_20080729.txt http://www.vupen.com/english/advisories/2008/2448 https://exchange.xforce.ibmcloud.com/vulnerabilities/44604 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 10%CPEs: 19EXPL: 0CVE-2008-1703
https://notcve.org/view.php?id=CVE-2008-1703
Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message. Múltiples desbordamientos de búfer en TIBCO Software Rendezvous anterior a 8.1.0., utilizado en múltiples productos TIBCO,permitena atacantes remotos ejecutar código de su elección mediante un mensaje manipulado. • http://secunia.com/advisories/29774 http://www.osvdb.org/44269 http://www.securityfocus.com/bid/28717 http://www.securitytracker.com/id?1019826 http://www.tibco.com/resources/mk/rendezvous_security_advisory_20080409.txt http://www.vupen.com/english/advisories/2008/1189/references http://www.vupen.com/english/advisories/2008/1190/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •