Buffer Overflow Vulnerability in TIBCO Software's Enterprise Message Service
CVE-2008-1704

Currently unrated

Key Information:

Vendor: Tibco
Status: Enterprise Message Service; Iprocess Engine
Vendor: CVE Published:; 11 April 2008

Summary

Multiple buffer overflow vulnerabilities exist in TIBCO Software's Enterprise Message Service (EMS) prior to version 4.4.3 and in iProcess Engine versions 10.6.0 to 10.6.1. These vulnerabilities can be exploited by remote attackers sending specially crafted messages to the EMS server, potentially allowing them to execute arbitrary code. Organizations using these affected versions should review their security practices and apply necessary patches to mitigate the risks associated with these vulnerabilities.

References

http://www.tibco.com/resources/mk/ems_security_advisory_2...

x_refsource_CONFIRM

http://www.securitytracker.com/id?1019826

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/41761

vdb-entryx_refsource_XF

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 11, 2008
Vulnerability Reserved
Apr 8, 2008