Denial of Service Vulnerability in TIBCO SmartSockets RTserver and EMS Products
CVE-2007-5656

Currently unrated

Key Information:

Vendor

Tibco
Status
Enterprise Message Service
Smartsockets Rtserver
Rtworks
Vendor
CVE Published:
16 January 2008

What is CVE-2007-5656?

TIBCO SmartSockets RTserver up to version 6.8.0, RTworks prior to 4.0.4, and EMS versions 4.0.0 to 4.4.1 contain a vulnerability that enables remote attackers to launch denial of service attacks and potentially execute arbitrary code. This threat arises from crafted requests that manipulate loop operations tied to memory management, leading to system crashes and exposing the affected products to further exploitation.

References

http://www.tibco.com/resources/mk/ems_security_advisory_2...
x_refsource_CONFIRM
http://secunia.com/advisories/28490
third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1019193
vdb-entryx_refsource_SECTRACK

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2007-5656 : Denial of Service Vulnerability in TIBCO SmartSockets RTserver and EMS Products