CVE-2015-4554
https://notcve.org/view.php?id=CVE-2015-4554
Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors. Múltiples vulnerabilidades no especificadas en TIBCO Spotfire Client y Spotfire Web Player Client en Spotfire Analyst en sus versiones anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Analytics Platform para AWS 6.5 y 7.0.x anteriores a 7.0.1; Spotfire Automation Services anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Deployment Kit anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Desktop anteriores a 6.5.2 y 7.0.x anteriores a 7.0.1; Spotfire Desktop Language Packs 7.0.x anteriores a 7.0.1; Spotfire Professional anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1; Spotfire Web Player anteriores a 5.5.2, 6.0.x anteriores a 6.0.3, 6.5.x anteriores a 6.5.3 y 7.0.x anteriores a 7.0.1 y Silver Fabric Enabler para Spotfire Web Player anteriores a 2.1.1 permiten a atacantes remotos obtener información sensible o ejecutar código arbitrario a través de vectores desconocidos. • http://www.securitytracker.com/id/1033015 http://www.tibco.com/assets/blt1fd126faba191a9f/2015-001-advisory.txt http://www.tibco.com/mk/advisory.jsp •
CVE-2014-7195
https://notcve.org/view.php?id=CVE-2014-7195
Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6.0.2 and 6.5.x before 6.5.2, Spotfire Deployment Kit 6.0.x before 6.0.2 and 6.5.x before 6.5.2, and Silver Fabric Enabler for Spotfire Web Player before 1.6.1 allows remote authenticated users to obtain sensitive information via unspecified vectors. Spotfire Web Player Engine en TIBCO Spotfire Web Player 6.0.x anterior a 6.0.2 y 6.5.x anterior a 6.5.2, Spotfire Deployment Kit 6.0.x anterior a 6.0.2 y 6.5.x anterior a 6.5.2, y Silver Fabric Enabler para Spotfire Web Player anterior a 1.6.1 permite a usuarios remotos autenticados obtener información sensible a través de vectores sin especificar. • http://www.tibco.com/assets/blta5b5c969aff51474/2014-009-spotfire-advisory.txt http://www.tibco.com/mk/advisory.jsp • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-2544
https://notcve.org/view.php?id=CVE-2014-2544
Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en Spotfire Web Player Engine, Spotfire Desktop y el módulo de autenticación de servidor de Spotfire en TIBCO Spotfire Server 3.3.x anterior a 3.3.4, 4.5.x anterior a 4.5.1, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.2; Spotfire Professional 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Web Player 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Automation Services 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Deployment Kit 4.0.x anterior a 4.0.4, 4.5.x anterior a 4.5.2, 5.0.x anterior a 5.0.2, 5.5.x anterior a 5.5.1 y 6.x anterior a 6.0.1; Spotfire Desktop 6.x anterior a 6.0.1 y Spotfire Analyst 6.x anterior a 6.0.1 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • http://www.tibco.com/mk/advisory.jsp http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt •